Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 6a25b27d602aac24f3c642722377ba5d778417ec
commit6a25b27d602aac24f3c642722377ba5d778417ec[log] [tgz]
authorEric Paris <eparis@redhat.com>Thu Mar 05 13:40:35 2009 -0500
committerJames Morris <jmorris@namei.org>Fri Mar 06 08:50:18 2009 +1100
treeba334617326c65ccd98e7f4733c75fa0ac2ae5ca
parent113a0e4590881ce579ca992a80ddc562b3372ede [diff]
SELinux: open perm for sock files

When I did open permissions I didn't think any sockets would have an open.
Turns out AF_UNIX sockets can have an open when they are bound to the
filesystem namespace.  This patch adds a new SOCK_FILE__OPEN permission.
It's safe to add this as the open perms are already predicated on
capabilities and capabilities means we have unknown perm handling so
systems should be as backwards compatible as the policy wants them to
be.

https://bugzilla.redhat.com/show_bug.cgi?id=475224

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
3 files changed
tree: ba334617326c65ccd98e7f4733c75fa0ac2ae5ca
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. usr/
  20. virt/
  21. .gitignore
  22. .mailmap
  23. COPYING
  24. CREDITS
  25. Kbuild
  26. MAINTAINERS
  27. Makefile
  28. README
  29. REPORTING-BUGS