On Sunday 11 November 2007 5:34:27 pm James Morris wrote:
> On Fri, 9 Nov 2007, Paul Moore wrote:
> > + /* Between selinux_compat_net and selinux_policycap_netpeer this is
> > +* starting to get a bit messy - we need to setup a timetable for
> > +* deprecating some of this old/obsolete fu
On Fri, 9 Nov 2007, Paul Moore wrote:
> + /* Between selinux_compat_net and selinux_policycap_netpeer this is
> + * starting to get a bit messy - we need to setup a timetable for
> + * deprecating some of this old/obsolete functionality so we can
> + * reclaim some level of sani
Rename the existing selinux_skb_extlbl_sid() function to
selinux_skb_peerlbl_sid() and modify it's behavior such that it now reconciles
multiple peer/external labels and if reconciliation is not possible it returns
an error to the caller.
---
security/selinux/hooks.c| 94 +++
