I don't know if these will help but I have a couple of examples in the SELinux Notebook tarball in the libselinux/example directory available from:
http://freecomputerbooks.com/The-SELinux-Notebook-The-Foundations.html The examples are: setcon_thread1_example.c + policy-modules/setcon_example.conf setcon_thread2_example.c + policy-modules/setcon_thread_example.conf Just noticed a typo in setcon_thread2_example.c: "1) Ensure the setcon_example.conf policy module has been " "loaded but NOT the\n setcon_example.conf policy module.\n\n" Should read: "1) Ensure the setcon_example.conf policy module has been " "loaded but NOT the\n setcon_thread_example.conf policy module.\n\n" Richard ----- Original Message ----- > From: Stephen Smalley <[email protected]> > To: William Roberts <[email protected]>; Stephen Smalley > <[email protected]> > Cc: "[email protected]" <[email protected]> > Sent: Friday, 5 December 2014, 13:28 > Subject: Re: typebounds and threads > > On 12/04/2014 05:14 PM, William Roberts wrote: >> >> >> On Thu, Dec 4, 2014 at 1:01 PM, Stephen Smalley >> <[email protected] <mailto:[email protected]>> > wrote: >> >> It has to be initiated explicitly by that thread calling setcon(3) >> >> >> Ok getting closer. So the setcon has to be done prior to creating any >> other threads per the man page > > No, that's only true in the non-bounded case. The man page was never > updated for typebounds I guess. With a bounded type, you can call > setcon() from a child thread, and that's exactly what you need to do if > you want the child to have a different context than the parent. > > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to > [email protected]. > _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
