SELinux Mailing List

Re: Multiple contexts

From: Luke Kenneth Casson Leighton <lkcl_at_lkcl.net>
Date: Thu, 13 Jan 2005 16:48:28 +0000


On Thu, Jan 13, 2005 at 11:16:06AM -0500, Stephen Smalley wrote:
> On Wed, 2005-01-12 at 18:32, Luke Kenneth Casson Leighton wrote:
> > would you accept that that could be done at policy compile time,
> > and that it would be unnecessary to do that at runtime?
>
> No, it cannot be done at policy compile time, because the information
> (the combinations of types on files) is not captured in the policy.
> file_contexts is not authoritative and is not part of the policy, and
> the only authoritative source of information about the file attributes
> is the on-disk version. Full filesystem traversal required to do the
> analysis you propose. No examination of file_contexts or filesystem
> state required to do current analysis of potential information flow
> throughout the system.
 

i believed that it would be acceptable to have as part of the intermediate stage a full filesystem traversal, but as i mentioned in the reply to james, i woke up with an insight into a flaw of what i am advocating and cannot now remember what it is!

  sorry!

  l.,

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
Received on Thu 13 Jan 2005 - 11:38:04 EST
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009
