SELinux: How to split permissions for keys?
Stephen Smalley
sds at tycho.nsa.gov
Mon Feb 3 14:48:12 UTC 2020
On 2/3/20 9:03 AM, Richard Haines wrote:
> On Mon, 2020-02-03 at 08:13 -0500, Stephen Smalley wrote:
>> Was that kernel patch ever posted to selinux list and/or the selinux
>> kernel maintainers? I don't recall seeing it. If not, please send
>> it
>> to the selinux list for review; at least one selinux maintainer
>> should
>> ack it before it gets accepted into any other tree.
>>
>>
>
> Not formally. I did post it in a discussion about keys in [2]. Since
> then it's been modified to support the split permissions.
Yes, that doesn't count since a) it wasn't the final version of the
patch which changed significantly afterward and b) even it had been the
final version, there was no acked-by or reviewed-by from a selinux
maintainer, just some suggestions. A non-trivial patch that modifies
security/selinux needs to be at least acked by a selinux maintainer and
often should go through the upstream selinux maintainer (Paul).
> I've extracted the patch from [1] and will post that to list for
> comments.
Thanks.
> [2]
> https://lore.kernel.org/selinux/35455b30b5185780628e92c98ec8191c70f39bde.camel@btinternet.com/
More information about the Linux-security-module-archive
mailing list