[PATCH 10/17] selinux: Implement the watch_key security hook [ver #5]
jmorris at namei.org
Wed Mar 18 19:06:10 UTC 2020
On Wed, 18 Mar 2020, David Howells wrote:
> Implement the watch_key security hook to make sure that a key grants the
> caller View permission in order to set a watch on a key.
> For the moment, the watch_devices security hook is left unimplemented as
> it's not obvious what the object should be since the queue is global and
> didn't previously exist.
> Signed-off-by: David Howells <dhowells at redhat.com>
> Acked-by: Stephen Smalley <sds at tycho.nsa.gov>
Reviewed-by: James Morris <jamorris at linux.microsoft.com>
<jmorris at namei.org>
More information about the Linux-security-module-archive