[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] collect security labels on user processes generating audit messages



On Wed, 2006-02-15 at 11:17 -0500, Stephen Smalley wrote:
> On Wed, 2006-02-15 at 09:49 -0600, Timothy R. Chavez wrote:
> > This makes sense to me.  I'll go ahead and make the change.  I wouldn't
> > even technically need the function or function call in my patch since
> > selinux_available() simply returns ss_initialized.
> 
> Well, I think we want to keep that variable private to the SELinux
> "module".  In the future, we'll likely add proper namespace prefixes to
> all non-static SELinux symbols to avoid polluting the kernel namespace.
>  

I think maybe I miscommunicated my intentions.  If I move the check to
determine whether or not SELinux is enabled into selinux_id_to_ctx(),
then I can simply use ss_initialized directly rather then calling
selinux_available(), as I'll be making the check within the SELinux
"module" (selinux/exports.c).

-tim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]