On Wed, 23 Jan 2008, David Howells wrote:
> Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
>
> > Make sure that you or Dan submits a policy patch to register these
> > classes and permissions in the policy when the kernel patch is queued
> > for merge.
>
> Do I just send the attached patch to <selinux@xxxxxxxxxxxxx>?
That should be enough (and that list is on the cc).
>Or do I need to
> make a diff from a point in the tree nearer the root? Is there anything else
> I need to alter whilst I'm at it?
>
> David
> ---
> Index: policy/flask/security_classes
> ===================================================================
> --- policy/flask/security_classes (revision 2573)
> +++ policy/flask/security_classes (working copy)
> @@ -109,4 +109,7 @@
> # network peer labels
> class peer
>
> +# kernel services that need to override task security
> +class kernel_service
> +
> # FLASK
> Index: policy/flask/access_vectors
> ===================================================================
> --- policy/flask/access_vectors (revision 2573)
> +++ policy/flask/access_vectors (working copy)
> @@ -736,3 +736,10 @@
> {
> recv
> }
> +
> +# kernel services that need to override task security
> +class kernel_service
> +{
> + use_as_override
> + create_files_as
> +}
> -
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
James Morris
<jmorris@xxxxxxxxx>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
