On Nov 15, 2016 4:33 PM, "William Roberts" <bill.c.roberts@xxxxxxxxx> wrote:
>
> <snip>
>
> > memset(&avdatum, 0, sizeof avdatum);
> > + /*
> > + * AUDITDENY and DONTAUDIT are &= assigned, versus |= for
> > + * others. Initialize the data accordingly.
> > + */
> > + avdatum.data = "" &
> > + (AVRULE_AUDITDENY | AVRULE_DONTAUDIT)) ? ~0 : 0;
>
> Nak this, surprising this is working and producing correct output, but
Correct when checking the sesearch output, which makes sense since we're expecting both classes to be all dontaudit statements.
> we would want to check
> against the AVTAB defines...
>
> This patch, while simple, for some reason is getting the best of me :-P
>
> > /* this is used to get the node - insertion is actually unique */
> > node = avtab_insert_nonunique(avtab, key, &avdatum);
> > if (!node) {
> <snip>
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
