diff options
| author |   James Morris <jmorris@redhat.com> | 2005-04-16 15:24:13 -0700 |
|---|---|---|
| committer |   Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-04-16 15:24:13 -0700 |
| commit | 0c9b79429c83a404a04908be65baa9d97836bbb6 (patch) | |
| tree | 66cdf9fc4cf40867ed8c9dc060661615941cd95f /security/selinux/include/flask.h | |
| parent | [PATCH] irda_device() oops fix (diff) | |
| download | linux-dev-0c9b79429c83a404a04908be65baa9d97836bbb6.tar.xz linux-dev-0c9b79429c83a404a04908be65baa9d97836bbb6.zip | |
[PATCH] SELinux: add support for NETLINK_KOBJECT_UEVENT
This patch adds SELinux support for the KOBJECT_UEVENT Netlink family, so
that SELinux can apply finer grained controls to it. For example, security
policy for hald can be locked down to the KOBJECT_UEVENT Netlink family
only. Currently, this family simply defaults to the default Netlink socket
class.
Note that some new permission definitions are added to sync with changes in
the core userspace policy package, which auto-generates header files.
Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to '')
| -rw-r--r-- | security/selinux/include/flask.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/selinux/include/flask.h b/security/selinux/include/flask.h index 4eef1b654e92..eb9f50823f6e 100644 --- a/security/selinux/include/flask.h +++ b/security/selinux/include/flask.h @@ -58,6 +58,8 @@ #define SECCLASS_NETLINK_DNRT_SOCKET 51 #define SECCLASS_DBUS 52 #define SECCLASS_NSCD 53 +#define SECCLASS_ASSOCIATION 54 +#define SECCLASS_NETLINK_KOBJECT_UEVENT_SOCKET 55 /* * Security identifier indices for initial entities |