| To: | Stephen Smalley <sds@xxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] Fix SELinux for removal of i_sock |
| From: | "David S. Miller" <davem@xxxxxxxxxxxxx> |
| Date: | Fri, 1 Apr 2005 12:35:20 -0800 |
| Cc: | jmorris@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, matthew@xxxxxx |
| In-reply-to: | <1112385997.14481.192.camel@moss-spartans.epoch.ncsc.mil> |
| References: | <1112385997.14481.192.camel@moss-spartans.epoch.ncsc.mil> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Fri, 01 Apr 2005 15:06:37 -0500 Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > This patch against -bk eliminates the use of i_sock by SELinux as it > appears to have been removed recently, breaking the build of SELinux in > -bk. Simply replacing the i_sock test with an S_ISSOCK test would be > unsafe in the SELinux code, as the latter will also return true for the > inodes of socket files in the filesystem, not just the actual socket > objects IIUC. Hence this patch reworks the SELinux code to avoid the > need to apply such a test in the first place, part of which was > obsoleted anyway by earlier changes to SELinux. Please apply. > > Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx> > Signed-off-by: James Morris <jmorris@xxxxxxxxxx> Applied, thanks Stephen. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [BUG] overflow in net/ipv4/route.c rt_check_expire(), David S. Miller |
|---|---|
| Next by Date: | Re: [BUG] overflow in net/ipv4/route.c rt_check_expire(), Eric Dumazet |
| Previous by Thread: | [PATCH] Fix SELinux for removal of i_sock, Stephen Smalley |
| Next by Thread: | Re: [PATCH] Fix SELinux for removal of i_sock, Stephen Smalley |
| Indexes: | [Date] [Thread] [Top] [All Lists] |