[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why "id -Z" get the current process security context but says "of th
From: |
Jarkko Sakkinen |
Subject: |
Re: Why "id -Z" get the current process security context but says "of the current user" in help? |
Date: |
Thu, 23 Jan 2014 14:27:28 +0200 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Hi
On Thu, Jan 16, 2014 at 12:07:02PM +0000, Pádraig Brady wrote:
> On 01/16/2014 06:24 AM, Jarkko Sakkinen wrote:
> > Hi
> >
> > On Thu, Jan 16, 2014 at 02:16:28AM +0000, Pádraig Brady wrote:
> >> So I suppose we might change the --help docs etc. to say
> >> _process_ rather than _user_. Is SMACK64EXEC a common
> >> label to have set on the id executable? Jarkko I don't suppose
> >> there is any way to avoid that?
> >
> > I don't see any reason why anyone would set SMACK64EXEC for 'id'. There's
> > no realistic use case to do that.
>
> OK it's an edge case so we can set the docs accordingly.
> BTW I notice SELinux' getprevcon() which is the same as getcon()
> but gets the context before the last exec.
> If SMACK had an equivalent would that be more appropriate to use here?
SMACK does not provide anything similar in its kernel interface.
> thanks,
> Pádraig.
/Jarkko