-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Howells wrote: > Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > >> Ah, wait - this is an automatic allocation of a per-uid keyring upon a >> setuid() call, right? > > Yes. > >> and a single Linux uid might ultimately have a number of SELinux security >> contexts running on its behalf. > > Indeed. It's not something that anyone considered at the time, I suppose. > > David > > -- > This message was distributed to subscribers of the selinux mailing list. > If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with > the words "unsubscribe selinux" without quotes as the message. David, we need a method of querying the keyring to see what the selinux context that is associated with it. For debugging purposes. Currently we can not tell whether the policy is correct or not, since we have no way to ask the keyring for its label. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHO1korlYvE4MpobMRAoruAKDTG5sR2NohyeorC54htOn9/echHgCfYvKH JwjEmAskBq6lezg/UfN74D8= =NQJJ -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
