Christopher J. PeBenito wrote: > On Wed, 2008-06-18 at 15:53 +0900, KaiGai Kohei wrote: >> Christopher J. PeBenito wrote: >>>>> 2. the stored procedure type names have been in the back of my mind for >>>>> long time but I couldn't come up with a good naming scheme. This >>>>> especially bugged me for the sepgsql_trusted_domain_t and >>>>> sepgsql_trusted_proc_t. Why not just go with what we do with regular >>>>> domains and executables: sepgsql_trusted_proc_t and >>>>> sepgsql_trusted_proc_exec_t? >>>> I don't have a clear reason for the naming of them. >>>> sepgsql_trusted_proc_t and sepgsql_trusted_proc_exec_t are more suitable >>>> for the purpose, I also think. >>> It seems that we should also rename $1_sepgsql_proc_t for consistency. >> Sorry for late reply. >> >> At first, $1_sepgsql_proc_t lost the term of "trusted", so its name >> does not shows its purpose. > > No, I mean having a $1_sepgsql_proc_t and $1_sepgsql_proc_exec_t. Do you intend the following domain transition? user_t + user_sepgsql_proc_exec_t -> user_sepgsql_proc_t Is there any reason why users should not invoke their functions without domain transition? The purpose of $1_sepgsql_proc_t is to avoid unconfined domain to invoke user defined function (may be malicious one) without checking its safeness. Thanks, -- OSS Platform Development Division, NEC KaiGai Kohei <kaigai@xxxxxxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
