[RFC][PATCH] collect security labels on user processes generating audit messages
Darrel Goeddel
dgoeddel at trustedcs.com
Thu Feb 9 15:10:16 UTC 2006
James Morris wrote:
> On Wed, 8 Feb 2006, Timothy R. Chavez wrote:
>
>
>>1) A new SELinux interface was introduced to give other parts of the
>>kernel the ability to resolve 'sids' into security labels.
>
>
> Please look at the way I intend to export SELinux APIs in:
> http://people.redhat.com/jmorris/selinux/skfilter/kernel/12-skfilter-selinux-exports.patch
This looks good. I'm also working on some interfaces to export from selinux to
enable efficient audit selection based on SELinux context and I was contemplating
on exactly where to put the goods. Can we get a consensus on declaration/definition
locations? "include/linux/selinux.h" and "security/selinux/exports.c" seem good to me.
--
Darrel
More information about the Linux-audit
mailing list