diff options
author | KaiGai Kohei <kaigai@ak.jp.nec.com> | 2009-06-18 17:26:13 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-06-19 00:12:28 +1000 |
commit | 44c2d9bdd7022ca7d240d5adc009296fc1c6ce08 (patch) | |
tree | 33115ee8d7e167d2a26558c2af8e0edfdca099d5 /security/tomoyo | |
parent | caabbdc07df4249f2ed516b2c3e2d6b0973bcbb3 (diff) | |
download | linux-3.10-44c2d9bdd7022ca7d240d5adc009296fc1c6ce08.tar.gz linux-3.10-44c2d9bdd7022ca7d240d5adc009296fc1c6ce08.tar.bz2 linux-3.10-44c2d9bdd7022ca7d240d5adc009296fc1c6ce08.zip |
Add audit messages on type boundary violations
The attached patch adds support to generate audit messages on two cases.
The first one is a case when a multi-thread process tries to switch its
performing security context using setcon(3), but new security context is
not bounded by the old one.
type=SELINUX_ERR msg=audit(1245311998.599:17): \
op=security_bounded_transition result=denied \
oldcontext=system_u:system_r:httpd_t:s0 \
newcontext=system_u:system_r:guest_webapp_t:s0
The other one is a case when security_compute_av() masked any permissions
due to the type boundary violation.
type=SELINUX_ERR msg=audit(1245312836.035:32): \
op=security_compute_av reason=bounds \
scontext=system_u:object_r:user_webapp_t:s0 \
tcontext=system_u:object_r:shadow_t:s0:c0 \
tclass=file perms=getattr,open
Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
0 files changed, 0 insertions, 0 deletions