On Wednesday 12 March 2008 08:52:55 am Stephen Smalley wrote:
> Only question I have is whether audit folks are ok with reuse of the
> flags in this manner
I am not going to have time to look at this until next week. I don't know how
much help I can be since I don't actually have a system that wo
Stephen Smalley wrote:
> On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote:
>> --- Stephen Smalley <[EMAIL PROTECTED]> wrote:
>>
>>> On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
Hi!,
Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
AUDIT_OBJ_USE
--- "Ahmed S. Darwish" <[EMAIL PROTECTED]> wrote:
>
> > Perhaps I misunderstand, but Smack labels don't represent users (i.e.
> > user identity) in any way, so it seemed like a mismatch to use the _USER
> > flag there. Whereas types in SELinux bear some similarity to Smack
> > labels - simple u
On Wed, Mar 12, 2008 at 11:48:17AM -0400, Stephen Smalley wrote:
>
> On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote:
> > --- Stephen Smalley <[EMAIL PROTECTED]> wrote:
> >
> > >
> > > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> > > > Hi!,
> > > >
> > > > Setup the new
On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote:
> --- Stephen Smalley <[EMAIL PROTECTED]> wrote:
>
> >
> > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> > > Hi!,
> > >
> > > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> > > AUDIT_OBJ_USER SELinux flags
--- Stephen Smalley <[EMAIL PROTECTED]> wrote:
>
> On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> > Hi!,
> >
> > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> > AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd'
> > userspace modifications. Smack only n
On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> Hi!,
>
> Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd'
> userspace modifications. Smack only needs auditing on
> a subject/object bases, so those flags were
--- "Ahmed S. Darwish" <[EMAIL PROTECTED]> wrote:
> Hi!,
>
> Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd'
> userspace modifications. Smack only needs auditing on
> a subject/object bases, so those flags were enough.
Hi!,
Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd'
userspace modifications. Smack only needs auditing on
a subject/object bases, so those flags were enough.
Signed-off-by: Ahmed S. Darwish <[EMAIL PROTECTED]>
---
smac
