[PATCH 10/17] selinux: Implement the watch_key security hook [ver #5]

James Morris jmorris at namei.org
Wed Mar 18 19:06:10 UTC 2020


On Wed, 18 Mar 2020, David Howells wrote:

> Implement the watch_key security hook to make sure that a key grants the
> caller View permission in order to set a watch on a key.
> 
> For the moment, the watch_devices security hook is left unimplemented as
> it's not obvious what the object should be since the queue is global and
> didn't previously exist.
> 
> Signed-off-by: David Howells <dhowells at redhat.com>
> Acked-by: Stephen Smalley <sds at tycho.nsa.gov>


Reviewed-by: James Morris <jamorris at linux.microsoft.com>


-- 
James Morris
<jmorris at namei.org>



More information about the Linux-security-module-archive mailing list