On Wed, 1 Aug 2001, Lachlan McIlroy wrote: > We intend to provide extended attributes on the files in > /proc so that they will be protected by MAC labels. This > will probably require changes to the vfs interface and > adding routines for getting/setting extended attributes > in the procfs. Both the original SELinux prototype and the new LSM-based SELinux prototype bind security contexts to procfs entries and protect them accordingly. The /proc/PID entries are labeled with the security context of the owning process. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 08:41:33 PDT