[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

I would like to change the behavior of MCS label creations in directory.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Currently if I create a directory labeled

etc_t:s0:c1

And with a process running as unconfined_t:s0-s0:c0.c1023 create a
file within the directory, the file gets created with the label
etc_t:s0.   I would like to change the behavior to creating the file
as etc_t:s0:c1.

That way an administrator could modify files within a sandbox and have
the files be labeled correctly.

I believe this behavior differs from MLS but believe this would be
what the admin expects.

Is changing this a kernel or policy issue?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk57kjMACgkQrlYvE4MpobO6GACgrZnzZl4OySYUkZATfl7RJPWb
z1YAn0m4wkHLWYWlR6urpuQ0tuGb+cdN
=uDm1
-----END PGP SIGNATURE-----

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.


[Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Powered by Linux