On Thu, Feb 16, 2017 at 10:24 PM, James Morris <jmorris@xxxxxxxxx> wrote: > On Thu, 16 Feb 2017, Stephen Smalley wrote: > >> When SELinux was first added to the kernel, a process could only get >> and set its own resource limits via getrlimit(2) and setrlimit(2), so no >> MAC checks were required for those operations, and thus no security hooks >> were defined for them. Later, SELinux introduced a hook for setlimit(2) >> with a check if the hard limit was being changed in order to be able to >> rely on the hard limit value as a safe reset point upon context >> transitions. > > [...] > > > Queued for 4.11 at > git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git#next-queue Stephen pushed a v2 patch to fix a build problem, are you going to fixup your tree? -- paul moore www.paul-moore.com _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
