* [PATCH] sepolgen: Update permission map
@ 2022-04-01 14:23 Petr Lautrbach
2022-04-01 17:31 ` Karl MacMillan
0 siblings, 1 reply; 2+ messages in thread
From: Petr Lautrbach @ 2022-04-01 14:23 UTC (permalink / raw)
To: selinux
https://github.com/SELinuxProject/selinux/pull/349
It's too big to be posted on this ML.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] sepolgen: Update permission map
2022-04-01 14:23 [PATCH] sepolgen: Update permission map Petr Lautrbach
@ 2022-04-01 17:31 ` Karl MacMillan
0 siblings, 0 replies; 2+ messages in thread
From: Karl MacMillan @ 2022-04-01 17:31 UTC (permalink / raw)
To: Petr Lautrbach; +Cc: SElinux list
On Fri, Apr 1, 2022 at 10:29 AM Petr Lautrbach <plautrba@redhat.com> wrote:
>
>
> https://github.com/SELinuxProject/selinux/pull/349
>
> It's too big to be posted on this ML.
>
I just glanced quickly and one thing stuck out to me. It looks like
relabelfrom on sockets is marked as 10. The theory on using 10 for
relabeling of files is that the full contents of the file is, of
course, immediately available under a new context after relabeling and
thus represents a large flow of information. The same is not true of a
socket. Yes, subsequent send / recv from that socket would yield data,
but the actual relabel seems, to me, to not transfer much data.
Karl
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-04-01 17:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-04-01 14:23 [PATCH] sepolgen: Update permission map Petr Lautrbach
2022-04-01 17:31 ` Karl MacMillan
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.