* [PATCH 01/17] Do not return error if system is in permissive mode.
@ 2013-10-28 19:43 Daniel J Walsh
2013-10-28 20:56 ` Stephen Smalley
0 siblings, 1 reply; 3+ messages in thread
From: Daniel J Walsh @ 2013-10-28 19:43 UTC (permalink / raw)
To: eparis; +Cc: selinux, Stephen Smalley
[-- Attachment #1: Type: text/plain, Size: 436 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is an updated patch with Steven's suggestions on making sure we audit bad
data.
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJuvlYACgkQrlYvE4MpobMm8QCgqk5v5fp8VWkf1US0iWGCVa81
F+wAoKpueblWU0BMkNPGsU+EFhAbmUjR
=nR1C
-----END PGP SIGNATURE-----
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Do-not-return-error-if-system-is-in-permissive-mode.patch --]
[-- Type: text/x-patch; name="0001-Do-not-return-error-if-system-is-in-permissive-mode.patch", Size: 0 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 01/17] Do not return error if system is in permissive mode.
2013-10-28 19:43 [PATCH 01/17] Do not return error if system is in permissive mode Daniel J Walsh
@ 2013-10-28 20:56 ` Stephen Smalley
2013-10-29 11:51 ` Daniel J Walsh
0 siblings, 1 reply; 3+ messages in thread
From: Stephen Smalley @ 2013-10-28 20:56 UTC (permalink / raw)
To: Daniel J Walsh; +Cc: eparis, selinux
On 10/28/2013 03:43 PM, Daniel J Walsh wrote:
> This is an updated patch with Steven's suggestions on making sure we audit bad
> data.
>
> This patch looks good to me. acked.
I applied my v1 patch instead as it ensured that we only do this if
security_compute_av* fails with EINVAL, not for any other case.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 01/17] Do not return error if system is in permissive mode.
2013-10-28 20:56 ` Stephen Smalley
@ 2013-10-29 11:51 ` Daniel J Walsh
0 siblings, 0 replies; 3+ messages in thread
From: Daniel J Walsh @ 2013-10-29 11:51 UTC (permalink / raw)
To: Stephen Smalley; +Cc: eparis, selinux
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/28/2013 04:56 PM, Stephen Smalley wrote:
> On 10/28/2013 03:43 PM, Daniel J Walsh wrote:
>> This is an updated patch with Steven's suggestions on making sure we
>> audit bad data.
>>
>> This patch looks good to me. acked.
>
> I applied my v1 patch instead as it ensured that we only do this if
> security_compute_av* fails with EINVAL, not for any other case.
>
>
>
That is fine with me.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJvoUIACgkQrlYvE4MpobOxVQCggfAO208Q3Ue6A/Kzwi4+aigs
2k4AoOMg6PNDsIye6F0+SWAPSDuer2OX
=ULAS
-----END PGP SIGNATURE-----
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-10-29 11:51 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-10-28 19:43 [PATCH 01/17] Do not return error if system is in permissive mode Daniel J Walsh
2013-10-28 20:56 ` Stephen Smalley
2013-10-29 11:51 ` Daniel J Walsh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.