On Thu, 28 Feb 2008, Eric Paris wrote: > Adds a new open permission inside SELinux when 'opening' a file. The > idea is that opening a file and reading/writing to that file are not the > same thing. Its different if a program had its stdout redirected > to /tmp/output than if the program tried to directly open /tmp/output. > This should allow policy writers to more liberally give read/write > permissions across the policy while still blocking many design and > programing flaws SELinux is so good at catching today. > > Signed-off-by: Eric Paris <eparis@xxxxxxxxxx> Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6.git#next -- James Morris <jmorris@xxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
