From: KaiGai Kohei <kaigai@ak.jp.nec.com>
To: selinux@tycho.nsa.gov
Subject: PHP/SELinux: libselinux wrappers
Date: Tue, 09 Sep 2008 15:41:08 +0900 [thread overview]
Message-ID: <48C61A84.9010001@ak.jp.nec.com> (raw)
Hi,
I tried to implement libselinux wrappers for PHP.
It requires the following steps to build.
$ svn checkout http://sepgsql.googlecode.com/svn/misc/php-selinux
$ cd php-selinux
$ ./build-php-selinux.sh /tmp/php-5.2.6-4.src.rpm
(*) You have to get the source rpm package from somewhere.
It is a conceptual implementation earlier than submitting
to PHP developer's community.
Please comment anything, if you have.
I have a plan to submit it to them with some more works like
documentation, test cases.
Thanks,
---------------------------------
Already implemented functions
---------------------------------
selinux_is_enabled
selinux_mls_is_enabled
/*
* /proc/<PID>/attr functions
*/
selinux_getcon
selinux_getcon_raw
selinux_setcon
selinux_setcon_raw
selinux_getpidcon
selinux_getpidcon_raw
selinux_getprevcon
selinux_getprevcon_raw
selinux_getexeccon
selinux_getexeccon_raw
selinux_setexeccon
selinux_setexeccon_raw
selinux_getfscreatecon
selinux_getfscreatecon_raw
selinux_setfscreatecon
selinux_setfscreatecon_raw
selinux_getkeycreatecon
selinux_getkeycreatecon_raw
selinux_setkeycreatecon
selinux_setkeycreatecon_raw
selinux_getsockcreatecon
selinux_getsockcreatecon_raw
selinux_setsockcreatecon
selinux_setsockcreatecon_raw
/*
* Get file context
*/
selinux_getfilecon
selinux_getfilecon_raw
selinux_lgetfilecon
selinux_lgetfilecon_raw
selinux_fgetfilecon
selinux_fgetfilecon_raw
/*
* Set file context
*/
selinux_setfilecon
selinux_setfilecon_raw
selinux_lsetfilecon
selinux_lsetfilecon_raw
selinux_fsetfilecon
selinux_fsetfilecon_raw
/*
* Labeled Networking
*/
selinux_getpeercon
selinux_getpeercon_raw
/*
* get initial context
*/
selinux_get_initial_context
selinux_get_initial_context_raw
/*
* sanity check in security context
*/
selinux_check_context
selinux_check_context_raw
selinux_canonicalize_context
selinux_canonicalize_context_raw
/*
* global setting related
*/
selinux_getenforce
selinux_setenforce
selinux_policyvers
/*
* booleans
*/
selinux_get_boolean_names
selinux_get_boolean_pending
selinux_get_boolean_active
selinux_set_boolean
selinux_commit_booleans
/*
* mcstrans
*/
selinux_trans_to_raw_context
selinux_raw_to_trans_context
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next reply other threads:[~2008-09-09 6:41 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-09 6:41 KaiGai Kohei [this message]
2008-09-18 2:25 ` PHP/SELinux: libselinux wrappers KaiGai Kohei
2009-02-26 6:22 ` KaiGai Kohei
2009-02-26 14:39 ` Stephen Smalley
2009-02-26 14:57 ` Daniel J Walsh
2009-02-26 18:50 ` Joshua Brindle
2009-02-27 2:23 ` KaiGai Kohei
2009-02-27 19:08 ` Daniel J Walsh
2009-03-03 3:37 ` KaiGai Kohei
2009-03-10 7:05 ` KaiGai Kohei
2009-02-27 2:10 ` KaiGai Kohei
2009-02-27 1:56 ` KaiGai Kohei
2009-02-27 4:28 ` KaiGai Kohei
2009-02-27 8:40 ` KaiGai Kohei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48C61A84.9010001@ak.jp.nec.com \
--to=kaigai@ak.jp.nec.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.