linux/security/selinux/include
Eric Paris 6a25b27d60 SELinux: open perm for sock files
When I did open permissions I didn't think any sockets would have an open.
Turns out AF_UNIX sockets can have an open when they are bound to the
filesystem namespace.  This patch adds a new SOCK_FILE__OPEN permission.
It's safe to add this as the open perms are already predicated on
capabilities and capabilities means we have unknown perm handling so
systems should be as backwards compatible as the policy wants them to
be.

https://bugzilla.redhat.com/show_bug.cgi?id=475224

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
2009-03-06 08:50:18 +11:00
..
audit.h SELinux: keep the code clean formating and syntax 2008-07-14 15:01:36 +10:00
av_inherit.h [SELinux]: Add support for DCCP 2006-12-02 21:22:24 -08:00
av_perm_to_string.h SELinux: open perm for sock files 2009-03-06 08:50:18 +11:00
av_permissions.h SELinux: open perm for sock files 2009-03-06 08:50:18 +11:00
avc_ss.h SELinux: shrink sizeof av_inhert selinux_class_perm and context 2009-01-05 19:19:55 +11:00
avc.h SELinux: add boundary support and thread context assignment 2008-08-29 00:33:33 +10:00
class_to_string.h CRED: Add a kernel_service object class to SELinux 2008-11-14 10:39:27 +11:00
common_perm_to_string.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
conditional.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
flask.h CRED: Add a kernel_service object class to SELinux 2008-11-14 10:39:27 +11:00
initial_sid_to_string.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netif.h SELinux: Convert the netif code to use ifindex values 2008-01-30 08:17:21 +11:00
netlabel.h selinux: Cache NetLabel secattrs in the socket's security struct 2008-10-10 10:16:33 -04:00
netnode.h SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
netport.h SELinux: add netport.[ch] 2008-04-18 20:26:17 +10:00
objsec.h SELinux: Condense super block security structure flags and cleanup necessary code. 2009-01-19 09:46:40 +11:00
security.h SELinux: remove unused av.decided field 2009-02-14 09:23:08 +11:00
xfrm.h LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00