On Tue, 2006-11-07 at 16:57 -0500, James Antill wrote:
> Here is the libselinux changes needed to do the security context
> contains checks for PAM and cron.
Index: libselinux/include/selinux/av_permissions.h
===================================================================
--- libselinux/include/selinux/av_permissions.h (revision 2076)
+++ libselinux/include/selinux/av_permissions.h (working copy)
@@ -896,3 +896,4 @@
#define KEY__SETATTR 0x00000020UL
#define KEY__CREATE 0x00000040UL
#define CONTEXT__TRANSLATE 0x00000001UL
+#define CONTEXT__CONTAINS 0x00000002UL
Index: libselinux/src/av_perm_to_string.h
===================================================================
--- libselinux/src/av_perm_to_string.h (revision 2076)
+++ libselinux/src/av_perm_to_string.h (working copy)
@@ -266,3 +266,4 @@
S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
S_(SECCLASS_KEY, KEY__CREATE, "create")
S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
+ S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
This patch is obviously fine as long as the corresponding policy patch is
accepted.
Acked-by: Stephen Smalley <[EMAIL PROTECTED]>
--
Stephen Smalley
National Security Agency
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
