On Tue, Aug 4, 2009 at 5:22 PM, Paul Moore <paul.moore@xxxxxx> wrote:
> Add support for the new TUN LSM hooks: security_tun_dev_create(),
> security_tun_dev_post_create() and security_tun_dev_attach(). This includes
> the addition of a new object class, tun_socket, which represents the socks
> associated with TUN devices. The _tun_dev_create() and _tun_dev_post_create()
> hooks are fairly similar to the standard socket functions but _tun_dev_attach()
> is a bit special. The _tun_dev_attach() is unique because it involves a
> domain attaching to an existing TUN device and its associated tun_socket
> object, an operation which does not exist with standard sockets and most
> closely resembles a relabel operation.
>
> This patch also includes a new policy capability, tun_perms, to ensure that
> the new access controls do not affect older SELinux policies.

I think we finally have the first patch where the 'handle_unknown' stuff fits
better than the policy capabilities work! First time for everything!

I'd suggest dropping the policy capability altogether; the checks will be
applied when the class and perm are defined in the loaded policy. If the
class+perm isn't defined in policy, the policy's handle_unknown setting will
define the result of the security check.

whoo hoo, saves 32 bits of memory and 2 branches on low-use operations!

-Eric

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
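As an added illustration of the point made in the reply above, the following toy model contrasts the two ways of gating a new check: a per-hook policy capability flag versus simply letting the policy's handle_unknown setting decide when the class or permission is not defined in the loaded policy. This is example code written for this page, not SELinux kernel code: the policy representation, the sample class lists, the permission names (create, relabelfrom, relabelto) and the allow rules are all constructed for illustration, and only the deny/allow values of handle_unknown are modelled (the reject value, which refuses to load the policy, is left out).

```c
#include <string.h>
#include <stdio.h>

/* Toy model (added example, not kernel code) of the two gating approaches
 * discussed in the thread. Policy contents below are constructed. */

enum handle_unknown { HU_DENY = 0, HU_ALLOW = 1 };

struct class_def  { const char *name; const char *perms[4]; };   /* NULL-terminated perms */
struct allow_rule { const char *tclass; const char *perm; };

struct policy {
    const struct class_def  *classes;  int nclasses;   /* classes/perms the policy defines */
    const struct allow_rule *allow;    int nallow;     /* allow rules it carries */
    enum handle_unknown handle_unknown;               /* policy-wide handle_unknown setting */
    int policycap_tun_perms;                          /* the extra flag the patch adds */
};

/* Is (tclass, perm) defined at all in the loaded policy? */
static int perm_defined(const struct policy *p, const char *tclass, const char *perm)
{
    for (int i = 0; i < p->nclasses; i++) {
        if (strcmp(p->classes[i].name, tclass) != 0)
            continue;
        for (int j = 0; j < 4 && p->classes[i].perms[j]; j++)
            if (strcmp(p->classes[i].perms[j], perm) == 0)
                return 1;
        return 0;   /* class known, permission not defined in it */
    }
    return 0;       /* class itself unknown to this policy */
}

/* Default deny: allowed only if an explicit allow rule exists. */
static int rule_allows(const struct policy *p, const char *tclass, const char *perm)
{
    for (int i = 0; i < p->nallow; i++)
        if (strcmp(p->allow[i].tclass, tclass) == 0 && strcmp(p->allow[i].perm, perm) == 0)
            return 1;
    return 0;
}

/* handle_unknown approach from the reply: no new flag, no new branch.
 * A class/perm the policy never defined resolves via handle_unknown. */
int check_handle_unknown(const struct policy *p, const char *tclass, const char *perm)
{
    if (!perm_defined(p, tclass, perm))
        return p->handle_unknown == HU_ALLOW;
    return rule_allows(p, tclass, perm);
}

/* policy-capability approach from the patch: one extra flag and one extra
 * branch per hook; when the capability is off the new check is skipped. */
int check_policycap(const struct policy *p, const char *tclass, const char *perm)
{
    if (!p->policycap_tun_perms)
        return 1;
    return check_handle_unknown(p, tclass, perm);
}

/* Constructed sample policies: an old one that predates tun_socket and a
 * new one that defines it and allows only create. */
static const struct class_def old_classes[] = {
    { "tcp_socket", { "create", "read", "write", NULL } },
};
static const struct allow_rule old_rules[] = { { "tcp_socket", "create" } };

static const struct class_def new_classes[] = {
    { "tcp_socket", { "create", "read", "write", NULL } },
    { "tun_socket", { "create", "relabelfrom", "relabelto", NULL } },
};
static const struct allow_rule new_rules[] = { { "tun_socket", "create" } };

int old_policy_check(int allow_unknown, const char *tclass, const char *perm)
{
    struct policy p = { old_classes, 1, old_rules, 1, allow_unknown ? HU_ALLOW : HU_DENY, 0 };
    return check_handle_unknown(&p, tclass, perm);
}

int old_policy_check_capgated(int allow_unknown, const char *tclass, const char *perm)
{
    struct policy p = { old_classes, 1, old_rules, 1, allow_unknown ? HU_ALLOW : HU_DENY, 0 };
    return check_policycap(&p, tclass, perm);
}

int new_policy_check(const char *tclass, const char *perm)
{
    struct policy p = { new_classes, 2, new_rules, 1, HU_DENY, 1 };
    return check_handle_unknown(&p, tclass, perm);
}

int main(void)
{
    printf("old policy, handle_unknown=allow, tun_socket create: %d\n",
           old_policy_check(1, "tun_socket", "create"));
    printf("old policy, handle_unknown=deny,  tun_socket create: %d\n",
           old_policy_check(0, "tun_socket", "create"));
    printf("old policy, capability off,       tun_socket create: %d\n",
           old_policy_check_capgated(0, "tun_socket", "create"));
    printf("new policy, tun_socket relabelto (no allow rule): %d\n",
           new_policy_check("tun_socket", "relabelto"));
    return 0;
}
```

The contrast worth noticing is the third case: with the capability gate, an old policy passes the new check unconditionally, whereas under the handle_unknown approach the same old policy's own handle_unknown setting decides, so an administrator who chose deny gets deny for the undefined class without any per-feature flag in the kernel.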