Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking

From: Stephen Smalley (sds@private)
Date: Wed Dec 08 2004 - 12:28:30 PST

Previous message: Serge Hallyn: "Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking"
In reply to: Serge Hallyn: "Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking"
Next in thread: Chris Wright: "Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Wed, 2004-12-08 at 16:37, Serge Hallyn wrote:
> But you still want cap_vm_enough_memory() to ask for selinux
> avc_has_perm_noaudit if cap_capable() failed, right?  So might it be
> better to create a new vm_may_exceed() hook, where the commoncap version
> is simply

We don't really control resource allocation via SELinux today - that
will be something we ultimately want to support, but it isn't crucial
presently.

-- 
Stephen Smalley <sds@private>
National Security Agency

Previous message: Serge Hallyn: "Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking"
In reply to: Serge Hallyn: "Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking"
Next in thread: Chris Wright: "Re: [RFC] [Stacking v4 2/3] New version of SELinux patch to support stacking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Dec 08 2004 - 12:37:06 PST