On 01/03/2013 04:08 PM, William Roberts wrote:
Is their a way to change the ending inode context, the one under sdcard? vfat only supports one contexts correct?
You can't set an individual security context on a vfat file because the filesystem type doesn't support storing per-file security attributes. No different than uid/gid and any mode bit not supported by vfat. If you had multiple vfat mounts, then you could label each one of them differently. But not per-file within a mount. And they have to be mounts with separate backing store.
Just to verify, it looks like it is doing this, each inode's context is checked against the policy along the way, correct?
The inode is labeled with the appropriate context when it is created, and then that context is used in permission checks on that inode when it is accessed.
-- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to [email protected] with the words "unsubscribe seandroid-list" without quotes as the message.
