On 10/05/2015 07:38 PM, Roberts, William C wrote: > We have an application that creates an anonymous local socket and passes the > fd via IPC to 3^rd party (untrusted_app) applications. The socket itself has > the label of the application. What are my options here? Mlstrustedsubject the > application or get the callers to setsockcreatecon() prior to creating the > socket? Any others?
If the app is intended to service requests from apps running for any user, then making its domain a mlstrustedsubject makes sense. _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
