SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [SEPOL][SEMANAGE] Nodecon Support: Try 1 This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Ivan Gyurdiev <ivg2_at_cornell.edu> Date: Fri, 10 Feb 2006 18:21:25 -0500 > Attached is a resync of the same patch to current CVS. Ok, this patch needs more work, I guess. According to Chad Hanson (on IRC) the kernel reorders by netmask, which will not work with this patch. If this is the case, then this problem is equivalent to the issue with ports - namely, the strategy to replace exact key match, and prepend everything else in front does not work, and creates problems. The code needs to be smarter on updates - needs to edit port ranges and nodecon entries that are overridden locally, and make the appropriate changes. Other comments by Chad: - no preference on byte order - should probably follow policy convention (network byte order?) - byte arrays are better than integer ones -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Fri 10 Feb 2006 - 18:22:01 EST This message: [ Message body ] Next message: Serge E. Hallyn: "seref: patch: postfix and roles" Previous message: Ivan Gyurdiev: "[SEMANAGE] Fix parse_optional_ch" In reply to: Ivan Gyurdiev: "Re: [SEPOL][SEMANAGE] Nodecon Support: Try 1" Next in thread: Stephen Smalley: "Re: [SEPOL][SEMANAGE] Nodecon Support: Try 1" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom