From: [EMAIL PROTECTED]
Date: Thu, 08 Jun 2006 22:20:54 -0700
> This patch:
>
> Add support for a new object class ('packet'), and associated permissions
> ('send', 'recv', 'relabelto'). These are used to enforce security policy for
> network packets labeled with SECMARK, and for adding labeling
From: James Morris <[EMAIL PROTECTED]>
Secmark implements a new scheme for adding security markings to packets via
iptables, as well as changes to SELinux to use these markings for security
policy enforcement. The rationale for this scheme is explained and discussed
in detail in the original thr