[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Audit perms check on recv (Re: Two netlink patches)



On Fri, 2004-12-24 at 11:28, Serge E. Hallyn wrote:
> > The basic approach seems reasonable to me.  The untested patch below
> > should change SELinux to fit with this approach; it calls the secondary
> 
> Thanks.  The attached patch includes this patch, but I won't be able to
> test the SELinux part until I get back to the office after next week.  In
> the meantime I'll also look into taking the audit checks out of
> selinux_netlink_send() as you mentioned in the other email.

I'd hold off on removing the SELinux audit checks for now, even if they
are redundant.  I think we'll need to phase them out gradually while
adjusting policy at the same time.

-- 
Stephen Smalley <sds epoch ncsc mil>
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]