--- [email protected] wrote:
> On Thu, 06 Dec 2007 15:29:07 GMT, Pavel Machek said:
> >
> > > Why not use SELinux?
> > >
> > > Because SELinux doesn't guarantee filename and its attribute.
> > > The purpose of this filesystem is to ensure filename and its attribute
> > > (e.g. /dev/null is guaranteed to be a character device file
> > > with major=1 and minor=3).
> >
> > Why not improve selinux to be able to assign label of new file based
> > on directory label and name?
>
> The problem isn't the label, it's the *other* attributes...
>
> What happens if /dev/null has the correct SELinux label, but the major/minor
> is 1,27 rather than 1,3?
Isn't this the kind of thing that Bastille is good for?
Casey Schaufler
[email protected]
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
