PHP/SELinux: libselinux wrappers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I tried to implement libselinux wrappers for PHP.

It requires the following steps to build.

 $ svn checkout http://sepgsql.googlecode.com/svn/misc/php-selinux
 $ cd php-selinux
 $ ./build-php-selinux.sh  /tmp/php-5.2.6-4.src.rpm

 (*) You have to get the source rpm package from somewhere.

It is a conceptual implementation earlier than submitting
to PHP developer's community.

Please comment anything, if you have.
I have a plan to submit it to them with some more works like
documentation, test cases.

Thanks,

---------------------------------
  Already implemented functions
---------------------------------
selinux_is_enabled
selinux_mls_is_enabled
/*
 * /proc/<PID>/attr functions
 */
selinux_getcon
selinux_getcon_raw
selinux_setcon
selinux_setcon_raw
selinux_getpidcon
selinux_getpidcon_raw
selinux_getprevcon
selinux_getprevcon_raw
selinux_getexeccon
selinux_getexeccon_raw
selinux_setexeccon
selinux_setexeccon_raw
selinux_getfscreatecon
selinux_getfscreatecon_raw
selinux_setfscreatecon
selinux_setfscreatecon_raw
selinux_getkeycreatecon
selinux_getkeycreatecon_raw
selinux_setkeycreatecon
selinux_setkeycreatecon_raw
selinux_getsockcreatecon
selinux_getsockcreatecon_raw
selinux_setsockcreatecon
selinux_setsockcreatecon_raw

/*
 * Get file context
 */
selinux_getfilecon
selinux_getfilecon_raw
selinux_lgetfilecon
selinux_lgetfilecon_raw
selinux_fgetfilecon
selinux_fgetfilecon_raw

/*
 * Set file context
 */
selinux_setfilecon
selinux_setfilecon_raw
selinux_lsetfilecon
selinux_lsetfilecon_raw
selinux_fsetfilecon
selinux_fsetfilecon_raw

/*
 * Labeled Networking
 */
selinux_getpeercon
selinux_getpeercon_raw

/*
 * get initial context
 */
selinux_get_initial_context
selinux_get_initial_context_raw

/*
 * sanity check in security context
 */
selinux_check_context
selinux_check_context_raw
selinux_canonicalize_context
selinux_canonicalize_context_raw

/*
 * global setting related
 */
selinux_getenforce
selinux_setenforce
selinux_policyvers

/*
 * booleans
 */
selinux_get_boolean_names
selinux_get_boolean_pending
selinux_get_boolean_active
selinux_set_boolean
selinux_commit_booleans

/*
 * mcstrans
 */
selinux_trans_to_raw_context
selinux_raw_to_trans_context

-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@xxxxxxxxxxxxx>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux