selinux May 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [RFC PATCH v1 5/6] selinux: Convert socket related

Re: [RFC PATCH v1 5/6] selinux: Convert socket related access controls to use socket labels

From: Eric Paris <eparis_at_nospam>
Date: Tue May 04 2010 - 14:30:05 GMT
To: Paul Moore <paul.moore@hp.com>

On Mon, May 3, 2010 at 6:11 PM, Paul Moore <paul.moore@hp.com> wrote:
> At present, the socket related access controls use a mix of inode and
> socket labels; while there should be no practical difference (they
> _should_ always be the same), it makes the code more confusing. This
> patch attempts to convert all of the socket related access control
> points (with the exception of some of the inode/fd based controls) to
> use the socket's own label. In the process, I also converted the
> socket_has_perm() function to take a 'sock' argument instead of a
> 'socket' since that was adding a bit more overhead in some cases.

Should it be renamed to sock_has_perm() then?

-Eric

-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.