That assumes every label is a string.
> As a side note, please keep in mind that SELinux is itself a generic
> framework for MAC policies, provides encapsulation of security labels,
> and allows security models and attributes to be added or removed without
> requiring changes outside of the security policy engine, which itself is
> an encapsulated component of the SELinux module.
That doesn't matter at all for this question - if you have a selinux_label
attribute you can add your different policies with string labels to
it. But don't mix it up with others.
> Not exactly. Our patch to crond uses a generic policy API that was
> designed to support many different security models, so it doesn't have
> to be specific to SELinux.
So it doesn't hardcode your xattr? That's what I suggested..
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/