diff options
| author | Andrew Morton <akpm@digeo.com> | 2003-05-25 01:12:47 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@home.transmeta.com> | 2003-05-25 01:12:47 -0700 |
| commit | 4a3fbc84058597093f1e08ce749aa364cbf32096 (patch) | |
| tree | 040cb69b9e5789a70d3fe53e70eecd0762b963d3 /fs/exec.c | |
| parent | fb39f360f4dc671e1f7843c64fa4624aa945841d (diff) | |
[PATCH] devpts xattr handler for security labels
From: Stephen Smalley <sds@epoch.ncsc.mil>
This patch against 2.5.69-bk adds an xattr handler for security labels
to devpts and corresponding hooks to the LSM API to support conversion
between xattr values and the security labels stored in the inode
security field by the security module.
This allows userspace to get and set the security labels on devpts
nodes, e.g. so that sshd can set the security label for the pty using
setxattr, just as sshd already sets the ownership using chown.
SELinux uses this support to protect the pty in accordance with the user
process' security label. The changes to the LSM API are general and
should be re-useable by xattr handlers in other pseudo filesystems to
support similar security labeling. The xattr handler for devpts
includes the same generic framework as in ext[23], so handlers for other
kinds of attributes can be added easily in the future.
Diffstat (limited to 'fs/exec.c')
0 files changed, 0 insertions, 0 deletions