On 05/08/2013 01:58 AM, William Roberts wrote:
I'm diffing some stuff right now, and just noticed something I missed
before....
We are setting the socketcontext above the create_socket() call, but the
create_socket() function
calls a setfscreatecon(scon) based on looking it up in the file contexts,
why don't we just add
in setsocketcreatecon(scon) there as well?
This way the behavior is use the default or whatever is in file_contexts...
Different object, different security context.
Unix/local domain sockets have two objects associated with them: the
socket itself (labeled with the security context of the creating
process) and the file used to name the socket (labeled with a file
security context). The file_contexts entry is only for the latter, not
the former.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
