On Mon, 2010-08-02 at 14:48 -0400, Eric Paris wrote: > Why do we have a separate policydb_index_classes() and > policydb_index_others() ? It looks to me like I should be able to merge > them both into policydb_index_others(). Is there something I'm missing > or a reason I shouldn't do that? You don't really want to allow classes to mingle with others - who knows what will result? ;) No, there isn't any reason to not fold them together in the kernel. They are separate due to their origins in the policy compiler toolchain code, where they do get called at different times. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
