On Wed, 2003-04-23 at 14:45, Christoph Hellwig wrote: > Randomly userland shouldn't deal with these xattrs. Remember you are > talking about the ondisk represenation of your labelling - nothing > but the labelling tools should ever touch it. Not true. ls should be able to display the security label. find should be able to locate files that have specific security labels. cp should be able to preserve the security label on copies. logrotate should be able to preserve the security label when rotating logs. crond should be able to check the security label on a crontab spool file to verify consistency with the user's credentials with which the cron job will run. login/sshd need to set the security label on the user's terminal device. You'll find plenty of examples of patched userland in SELinux, but none of these patches are specific to a particular set of security attributes. They just handle them as strings. -- Stephen Smalley <sdsat_private> National Security Agency _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Apr 23 2003 - 12:18:32 PDT