On Fri, 2004-08-27 at 16:23, Chris Wright wrote: > I think this is reasonble consolidation into sigio_perm. Could add the > signal value that will be used. It seems that having a permission > check that can be bypassed by user is bad idea. Does SELinux validate > the signum at fctnl setsig time? No, we just map fown->signum or SIGIO if it is 0 to the appropriate signal permission in the selinux_file_send_sigiotask hook. So we likely do need to have the caller pass the signal to sigio_perm and then onto the security hook so that we can distinguish SIGURG appropriately. -- Stephen Smalley <sds@private> National Security Agency
This archive was generated by hypermail 2.1.3 : Fri Aug 27 2004 - 13:30:40 PDT