2017-04-12 15:58 GMT+02:00 Stephen Smalley <sds@xxxxxxxxxxxxx>: > Even your usage of selinux_is_enabled() looks suspect; that should > probably go away. Only other user of it seems to be some cred validity > checking that could be dropped as well. Well the main reason for calling selinux_is_enabled() is performance optimization. Should I propose a patch to add a new security_is_enabled() function at the LSM abstraction layer? Or do you consider we should not test security enabled at all? _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
