|
Hi Russell, I have not got your idea. We could have an attribute for all unix_stream_socket types, but all types in this attribute would still be the domain type too. What I have been trying to do with these patches it have a chance to make socket object have a different type than its creator. Could you kindly further elaborate a bit more about your intention for such attribute? Thanks, Harry > Subject: Re: [v2 PATCH 0/3] SELinux: separate socket type than its creator > From: russell@xxxxxxxxxxxx > Date: Wed, 9 Mar 2011 19:30:57 +1100 > To: harrytaurus2002@xxxxxxxxxxx; qingtao.cao@xxxxxxxxxxxxx; sds@xxxxxxxxxxxxx; jmorris@xxxxxxxxx; eparis@xxxxxxxxxxxxxx > CC: selinux@xxxxxxxxxxxxx > > Why not have a separate attribute for unix domain sockets? > -- > My blog http://etbe.coker.com.au > > -- > This message was distributed to subscribers of the selinux mailing list. ! > If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with > the words "unsubscribe selinux" without quotes as the message. |
