[redhat-lspp] Re: [PATCH 1/3] Re: MLS enforcing PTYs, sshd, and newrole
Stephen Smalley
sds at tycho.nsa.gov
Tue Oct 31 14:20:54 UTC 2006
On Mon, 2006-10-30 at 15:03 -0500, James Antill wrote:
> On Fri, 2006-10-27 at 14:38 -0400, Stephen Smalley wrote:
>
> > Look at Darrel's patch for mcstransd to apply a permission check between
> > the level of the caller and the level being translated for context
> > translations.
>
> Thanks to much discussion with Dan and Stephen, I'm pretty sure I have
> this correct now.
>
> Here is the libselinux part of the patch (reference policy and PAM are
> next).
transition is a bit misleading as a name - you are checking a contains
relationship between two contexts, not transitioning between them.
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list