Jacques Thomas wrote: > KaiGai Kohei wrote: > > <snip> </snip> >> I also think we have one other a rough option. >> It simply applies type boundaries on only sources to restrict its privileges, >> and it does not apply any restrictions on target types. >> >> > > Unless there is a clear use for bounds on targets, I would favor this > option. (The "rough" one :-) ) > I see mostly room for confusion with the bounds on target types, because > of the contravariance issue. > I can write and submit a patch along these lines. The patch is straightforward: I just have to remove the "dead" code. However, could someone please indicate me how I am supposed to test the patch ? In other words, is there a standardized testing procedure that I am unaware of ? Thank you, Jacques -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
