stacking get/setprocattr support patches

From: serue@private
Date: Tue May 31 2005 - 10:56:13 PDT

Previous message: Stephen Smalley: "Re: nominal lsm module example"
Next in thread: Stephen Smalley: "Re: stacking get/setprocattr support patches"
Reply: Stephen Smalley: "Re: stacking get/setprocattr support patches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Attached are two patches to make procattr shareable by >1
LSM.  The first patch applies on top of the current set of
stacker patches from sf.net/projects/lsm-stacker, and
modifies stacker.c.  The second patch is to the sf.net
libselinux sources.

Since I took Mimi's idea of switching from
	selinux: user:role:type
to
	user:role:type (selinux)

for both get and setprocattr, no patch is needed for
ps so long as it's ok to output the data from only the
first LSM to output data.

These patches have been tested

	with stacker and an unpatched libselinux
	with stacker and a patched libselinux
	without stacker and a patched libselinux

and all worked as expected.

Any comments are much appreciated.

thanks,
-serge

text/plain attachment: stacker-procattr.patch

text/plain attachment: libselinux-stack.patch

Previous message: Stephen Smalley: "Re: nominal lsm module example"
Next in thread: Stephen Smalley: "Re: stacking get/setprocattr support patches"
Reply: Stephen Smalley: "Re: stacking get/setprocattr support patches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Tue May 31 2005 - 10:53:18 PDT