Re: [RFC][PATCH] selinux: Report result in avc messages

How about permitted rather than allowed.

On 04/29/2014 10:59 PM, Eric Paris wrote:
> On Tue, 2014-04-29 at 16:54 -0700, Stephen Smalley wrote:
>> Requested for Android in order to distinguish denials that are not in
>> fact breaking anything yet due to permissive domains versus denials
>> that are being enforced, but seems generally useful.  result field was
>> already in the selinux audit data structure and was being passed to
>> avc_audit() but wasn't being used.  Seems to cause no harm to ausearch
>> or audit2allow to add it as a field.  Comments?
>
> I think it's a great idea, but I'm worried that Steve is going to get
> grumpy because an AVC record is going to have a result= field which is
> similar, but not necessarily related to the res= field of a SYSCALL
> record.  Seems easily confused (although probably 9999 times out of
> 10000 they will be the same)
>
> So while I wholeheartedly think we should take the idea, I wonder if
> someone can dream up a name that isn't confusingly similar...
>
> I can't think of anything...
>
> -Eric


--
Linux-audit mailing list
Linux-audit@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-audit

_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
