[Devel] Re: [PATCH 3/5] cr: add generic LSM c/r support
Serge E. Hallyn
serge at hallyn.com
Sun Aug 30 13:26:43 PDT 2009
Quoting Casey Schaufler (casey at schaufler-ca.com):
> Serge E. Hallyn wrote:
> > Quoting Casey Schaufler (casey at schaufler-ca.com):
> > I know, I know, I should come up with a better name. But while
> > an selinux context would be
> >
> > root_u:root_r:root_t
> >
> > the blob I have to checkpoint for a task would perhaps be
> >
> > root_u:root_r:root_t:::null:::null::null:::user_u:serge_r:serge_t:::null
> >
>
> What you really want is a textual representation of the security blob
> if I read this correctly.
Exactly.
> Seems like you could call this either a
> "blob string" or a "context collection" or a "checkpoint string".
Object security state? "Foss" for full object security state?
I suspect I'll default to blob...
-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list