Searched hist:b0c636b99997c8594da6a46e166ce4fcf6956fda (Results 1 – 4 of 4) sorted by relevance
| /openbmc/linux/security/selinux/include/ |
| H A D | security.h | diff b0c636b99997c8594da6a46e166ce4fcf6956fda Thu Feb 28 11:58:40 CST 2008 Eric Paris <eparis@redhat.com> SELinux: create new open permission
Adds a new open permission inside SELinux when 'opening' a file. The idea
is that opening a file and reading/writing to that file are not the same
thing. Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
| /openbmc/linux/security/selinux/ |
| H A D | selinuxfs.c | diff b0c636b99997c8594da6a46e166ce4fcf6956fda Thu Feb 28 11:58:40 CST 2008 Eric Paris <eparis@redhat.com> SELinux: create new open permission
Adds a new open permission inside SELinux when 'opening' a file. The idea
is that opening a file and reading/writing to that file are not the same
thing. Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
| H A D | hooks.c | diff b0c636b99997c8594da6a46e166ce4fcf6956fda Thu Feb 28 11:58:40 CST 2008 Eric Paris <eparis@redhat.com> SELinux: create new open permission
Adds a new open permission inside SELinux when 'opening' a file. The idea
is that opening a file and reading/writing to that file are not the same
thing. Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
| /openbmc/linux/security/selinux/ss/ |
| H A D | services.c | diff b0c636b99997c8594da6a46e166ce4fcf6956fda Thu Feb 28 11:58:40 CST 2008 Eric Paris <eparis@redhat.com> SELinux: create new open permission
Adds a new open permission inside SELinux when 'opening' a file. The idea
is that opening a file and reading/writing to that file are not the same
thing. Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
|