On 9/1/2015 1:01 AM, jonghwa3@samsung.com wrote:
> On 2015년 08월 31일 22:59, Lukasz Pawelczyk wrote:
>> On pon, 2015-08-31 at 15:13 +0900, jonghwa3@samsung.com wrote:
>>> A rule is defined for a process, 'process A', in smack rule table.
>>>
>>> ...
>>> Process Adevice::Aarwx-
>>> ..
On 2015년 08월 31일 22:59, Lukasz Pawelczyk wrote:
> On pon, 2015-08-31 at 15:13 +0900, jonghwa3@samsung.com wrote:
>> A rule is defined for a process, 'process A', in smack rule table.
>>
>> ...
>> Process Adevice::Aarwx-
>> ...
>>
>> The object 'device::A' will be used to a device node
On pon, 2015-08-31 at 15:13 +0900, jonghwa3@samsung.com wrote:
> A rule is defined for a process, 'process A', in smack rule table.
>
> ...
> Process Adevice::Aarwx-
> ...
>
> The object 'device::A' will be used to a device node that 'process A'
> will access.
> However when the targ
On 2015년 08월 29일 02:32, Casey Schaufler wrote:
> On 8/26/2015 6:58 PM, Jonghwa Lee wrote:
>> Current Smack object's label is always given by userspace.
>> So there might be a certain gap between the time of file creation
>> and the time of applying actual label. And because of the time gap,
>> it r
On 8/26/2015 6:58 PM, Jonghwa Lee wrote:
> Current Smack object's label is always given by userspace.
> So there might be a certain gap between the time of file creation
> and the time of applying actual label. And because of the time gap,
> it results unintended Smack denial time to time.
>
> If a
Current Smack object's label is always given by userspace.
So there might be a certain gap between the time of file creation
and the time of applying actual label. And because of the time gap,
it results unintended Smack denial time to time.
If accessing a file occurs ahead of labeling, Smack modu
6 matches
Mail list logo
