On Mon, Aug 10, 2009 at 1:28 PM, Paul Moore<paul.moore@xxxxxx> wrote: > Add support for the new TUN LSM hooks: security_tun_dev_create(), > security_tun_dev_post_create() and security_tun_dev_attach(). This includes > the addition of a new object class, tun_socket, which represents the socks > associated with TUN devices. The _tun_dev_create() and _tun_dev_post_create() > hooks are fairly similar to the standard socket functions but _tun_dev_attach() > is a bit special. The _tun_dev_attach() is unique because it involves a > domain attaching to an existing TUN device and its associated tun_socket > object, an operation which does not exist with standard sockets and most > closely resembles a relabel operation. Looks good to me, feel free to add my Ack -Eric -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
