Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: [RFC][PATCH] collect security labels on user processes generating audit messages
From: James Morris <jmorris_at_redhat.com>
Date: Thu, 9 Feb 2006 09:58:48 -0500 (EST)
> 1) A new SELinux interface was introduced to give other parts of the Please look at the way I intend to export SELinux APIs in: http://people.redhat.com/jmorris/selinux/skfilter/kernel/12-skfilter-selinux-exports.patch
> +++ b/include/linux/netlink.h You also need to verify the policy serial number. I wonder if it might be better to use the security context directly.
> @@ -460,11 +464,26 @@ static int audit_receive_msg(struct sk_b This is embedding SELinux specific code into the audit code. I think you need to add some audit/SELinux glue code which disappears if SELinux is not enabled.
> + NETLINK_CB(skb).secid = security_task_getsid(current); security_task_getsid() doesn't exist. You created security_task_getsecurity(), which retrieves the security context.
-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Thu 9 Feb 2006 - 09:59:08 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |