lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
b0c636b999
android_kernel_xiaomi_sm8350/security/selinux
History
Eric Paris b0c636b999 SELinux: create new open permission 
Adds a new open permission inside SELinux when 'opening' a file.  The idea
is that opening a file and reading/writing to that file are not the same
thing.  Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-04-18 20:26:06 +10:00
..
include SELinux: create new open permission 2008-04-18 20:26:06 +10:00
ss SELinux: create new open permission 2008-04-18 20:26:06 +10:00
avc.c d_path: Use struct path in struct avc_audit_data 2008-02-14 21:17:08 -08:00
exports.c SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00
hooks.c SELinux: create new open permission 2008-04-18 20:26:06 +10:00
Kconfig SELinux: Add a capabilities bitmap to SELinux policy version 22 2008-01-30 08:17:23 +11:00
Makefile SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
netif.c SELinux: Add warning messages on network denial due to error 2008-01-30 08:17:30 +11:00
netlabel.c selinux: selinux/netlabel.c should #include "netlabel.h" 2008-04-18 20:26:06 +10:00
netlink.c
netnode.c SELinux: Add warning messages on network denial due to error 2008-01-30 08:17:30 +11:00
nlmsgtab.c
selinuxfs.c SELinux: create new open permission 2008-04-18 20:26:06 +10:00
xfrm.c SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00