On Thu, 5 Mar 2009, Eric Paris wrote: > When I did open permissions I didn't think any sockets would have an open. > Turns out AF_UNIX sockets can have an open when they are bound to the > filesystem namespace. This patch adds a new SOCK_FILE__OPEN permission. > It's safe to add this as the open perms are already predicated on > capabilities and capabilities means we have unknown perm handling so > systems should be as backwards compatible as the policy wants them to > be. > > https://bugzilla.redhat.com/show_bug.cgi?id=475224 > > Signed-off-by: Eric Paris <eparis@xxxxxxxxxx> Applied. -- James Morris <jmorris@xxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
