Stephen Smalley wrote: > If there are no local boolean or user files present, then the > libselinux load policy logic can disable setlocaldefs early and thus > avoid creating a writable mapping of the policy as well as avoiding > the overhead of calling the sepol functions for manipulating local > boolean and user files altogether. This is cleaner than changing > the default for the config option, as it will fall back to compatibility > behavior for older distributions. Thus, this change should not change > behavior for RHEL 4. > > Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx> That does seem like a cleaner solution and will simplify things for people using newer toolchains on RHEL 4. Acked-by: Todd C. Miller <tmiller@xxxxxxxxxx> - todd -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
