diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2016-08-30 19:31:39 +0200 |
---|---|---|
committer | Casey Schaufler <casey@schaufler-ca.com> | 2016-09-08 22:22:56 +0200 |
commit | c60b906673eebb4f65840fa9dc204401caf276ea (patch) | |
tree | 0ccaf8637751e3183918c3249af3ab465481245f /lib/assoc_array.c | |
parent | Smack: Use memdup_user() rather than duplicating its implementation (diff) | |
download | linux-c60b906673eebb4f65840fa9dc204401caf276ea.tar.xz linux-c60b906673eebb4f65840fa9dc204401caf276ea.zip |
Smack: Signal delivery as an append operation
Under a strict subject/object security policy delivering a
signal or delivering network IPC could be considered either
a write or an append operation. The original choice to make
both write operations leads to an issue where IPC delivery
is desired under policy, but delivery of signals is not.
This patch provides the option of making signal delivery
an append operation, allowing Smack rules that deny signal
delivery while allowing IPC. This was requested for Tizen.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'lib/assoc_array.c')
0 files changed, 0 insertions, 0 deletions