On Fri, 2010-01-08 at 11:35 -0800, Usman S. Ansari wrote:
> I have written a driver for Linux kernel, in this driver I am using sk_security field for driver's internal data structure. This means that if SELinux is enabled, it will have conflict with my driver. For this reason, I run my driver with SELinux disabled.
>
> I want to know if it is possible to, only enable security on files and not on network objects ?
>
> >From what I have read about SELinux, it looks like this it possible, I just need conformation. And if this is possible, will SELinux need to use sk_security filed or not.
>
> If this is wrong list, please let me know appropriate place.
>
> Thanks.
No, not possible (and not a legitimate use of that field by your driver
regardless). From 2006:
commit c2b507fda390b8ae90deba9b8cdc3fe727482193
Author: Stephen Smalley <sds@xxxxxxxxxxxxx>
Date: Sat Feb 4 23:27:50 2006 -0800
[PATCH] selinux: require SECURITY_NETWORK
Make SELinux depend on SECURITY_NETWORK (which depends on SECURITY), as it
requires the socket hooks for proper operation even in the local case.
--
Stephen Smalley
National Security Agency
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
