* [PATCH] sepolgen: Update permission map @ 2022-04-01 14:23 Petr Lautrbach 2022-04-01 17:31 ` Karl MacMillan 0 siblings, 1 reply; 2+ messages in thread From: Petr Lautrbach @ 2022-04-01 14:23 UTC (permalink / raw) To: selinux https://github.com/SELinuxProject/selinux/pull/349 It's too big to be posted on this ML. ^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] sepolgen: Update permission map 2022-04-01 14:23 [PATCH] sepolgen: Update permission map Petr Lautrbach @ 2022-04-01 17:31 ` Karl MacMillan 0 siblings, 0 replies; 2+ messages in thread From: Karl MacMillan @ 2022-04-01 17:31 UTC (permalink / raw) To: Petr Lautrbach; +Cc: SElinux list On Fri, Apr 1, 2022 at 10:29 AM Petr Lautrbach <plautrba@redhat.com> wrote: > > > https://github.com/SELinuxProject/selinux/pull/349 > > It's too big to be posted on this ML. > I just glanced quickly and one thing stuck out to me. It looks like relabelfrom on sockets is marked as 10. The theory on using 10 for relabeling of files is that the full contents of the file is, of course, immediately available under a new context after relabeling and thus represents a large flow of information. The same is not true of a socket. Yes, subsequent send / recv from that socket would yield data, but the actual relabel seems, to me, to not transfer much data. Karl ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-04-01 17:31 UTC | newest] Thread overview: 2+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-04-01 14:23 [PATCH] sepolgen: Update permission map Petr Lautrbach 2022-04-01 17:31 ` Karl MacMillan
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.