On Thu, 2009-10-01 at 07:46 +1000, James Morris wrote: > On Wed, 30 Sep 2009, Stephen Smalley wrote: > > > Does anyone think we still need to support policy versions < > > POLICYDB_VERSION_NLCLASS (18)? If not, then we can just drop the > > dynamic remapping of netlink classes in the security server: > > if (policydb_loaded_version < POLICYDB_VERSION_NLCLASS) > > if (tclass >= SECCLASS_NETLINK_ROUTE_SOCKET && > > tclass <= SECCLASS_NETLINK_DNRT_SOCKET) > > tclass = SECCLASS_NETLINK_SOCKET; > > > > I think RHEL4 shipped with policy.18. > > Was any distro shipped with a lower policy version? If not, then I think > it should be ok. policy.18 was first supported by Linux 2.6.8. I think the only distro to ship with SELinux enabled and Linux < 2.6.8 would have been Fedora Core 2, which is long since EOL'd and even akpm doesn't run it anymore. Not sure about Hardened Gentoo - Chris and/or Joshua? Debian selinux packages predated Fedora, of course, but weren't mainstreamed into Debian until much later. I didn't yet remove this logic in my patches, but will do so if there are no objections. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
