From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
To: Paul Moore <paul@paul-moore.com>
Cc: davem@davemloft.net, netdev@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next 2/5] selinux/nlmsg: add RTM_GETNSID
Date: Thu, 09 Apr 2015 15:10:07 +0200 [thread overview]
Message-ID: <55267A2F.5050609@6wind.com> (raw)
In-Reply-To: <CAHC9VhSp_0v+Qd3epkT4rVrP3iqS7A+vhq1TWPN6b76jk1Wpdw@mail.gmail.com>
Le 09/04/2015 13:10, Paul Moore a écrit :
[snip]
>> --- a/security/selinux/nlmsgtab.c
>> +++ b/security/selinux/nlmsgtab.c
>> @@ -74,6 +74,7 @@ static struct nlmsg_perm nlmsg_route_perms[] =
>> { RTM_DELMDB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
>> { RTM_GETMDB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
>> { RTM_NEWNSID, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
>> + { RTM_DELNSID, NETLINK_ROUTE_SOCKET__NLMSG_READ },
>> { RTM_GETNSID, NETLINK_ROUTE_SOCKET__NLMSG_READ },
>> };
>
> Can you elaborate a bit on the RTM_DELNSID type? Based only on the
> name I wonder if it should be treated as a "write" and not a "read"
> operation.
The user is not allowed to delete a nsid (no method is implemented). This
RTM_DELNSID is only used for notifications.
next prev parent reply other threads:[~2015-04-09 13:10 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-08 16:36 [PATCH net-next 0/5] selinux: add some missing nlmsg commands Nicolas Dichtel
2015-04-08 16:36 ` [PATCH net-next 1/5] selinux/nlmsg: add RTM_NEWNSID and RTM_GETNSID Nicolas Dichtel
2015-04-08 16:36 ` [PATCH net-next 2/5] selinux/nlmsg: add RTM_GETNSID Nicolas Dichtel
2015-04-09 11:10 ` Paul Moore
2015-04-09 13:10 ` Nicolas Dichtel [this message]
2015-04-09 20:47 ` Paul Moore
2015-04-08 16:36 ` [PATCH net-next 3/5] selinux/nlmsg: add XFRM_MSG_NEWSPDINFO Nicolas Dichtel
2015-04-09 12:32 ` Stephen Smalley
2015-04-09 13:11 ` Nicolas Dichtel
2015-04-10 14:24 ` [PATCH net-next 0/3] selinux: add missing xfrm nl cmd Nicolas Dichtel
2015-04-10 14:24 ` [PATCH net-next 1/3] selinux/nlmsg: add XFRM_MSG_REPORT Nicolas Dichtel
2015-04-10 14:24 ` [PATCH net-next 2/3] selinux/nlmsg: add XFRM_MSG_MIGRATE Nicolas Dichtel
2015-04-10 14:24 ` [PATCH net-next 3/3] selinux/nlmsg: add XFRM_MSG_MAPPING Nicolas Dichtel
2015-04-13 1:20 ` [PATCH net-next 0/3] selinux: add missing xfrm nl cmd David Miller
2015-04-08 16:36 ` [PATCH net-next 4/5] selinux/nlmsg: add XFRM_MSG_GETSPDINFO Nicolas Dichtel
2015-04-08 16:36 ` [PATCH net-next 5/5] selinux/nlmsg: add XFRM_MSG_[NEW|GET]SADINFO Nicolas Dichtel
2015-04-08 19:19 ` [PATCH net-next 0/5] selinux: add some missing nlmsg commands David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55267A2F.5050609@6wind.com \
--to=nicolas.dichtel@6wind.com \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=paul@paul-moore.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox