1
linux/security/selinux/include
Eric Paris b0c636b999 SELinux: create new open permission
Adds a new open permission inside SELinux when 'opening' a file.  The idea
is that opening a file and reading/writing to that file are not the same
thing.  Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-04-18 20:26:06 +10:00
..
av_inherit.h [SELinux]: Add support for DCCP 2006-12-02 21:22:24 -08:00
av_perm_to_string.h SELinux: create new open permission 2008-04-18 20:26:06 +10:00
av_permissions.h SELinux: create new open permission 2008-04-18 20:26:06 +10:00
avc_ss.h SELinux: export object class and permission definitions 2006-11-28 12:04:36 -05:00
avc.h d_path: Use struct path in struct avc_audit_data 2008-02-14 21:17:08 -08:00
class_to_string.h selinux: support 64-bit capabilities 2008-02-11 20:30:02 +11:00
common_perm_to_string.h
conditional.h
flask.h selinux: support 64-bit capabilities 2008-02-11 20:30:02 +11:00
initial_sid_to_string.h
netif.h SELinux: Convert the netif code to use ifindex values 2008-01-30 08:17:21 +11:00
netlabel.h SELinux: Correct the NetLabel locking for the sk_security_struct 2008-04-18 20:26:03 +10:00
netnode.h SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
objsec.h SELinux: remove unused backpointers from security objects 2008-04-18 20:26:04 +10:00
security.h SELinux: create new open permission 2008-04-18 20:26:06 +10:00
xfrm.h SELinux: Enable dynamic enable/disable of the network access checks 2008-01-30 08:17:26 +11:00