Re: SELinux: How to split permissions for keys?

From: Stephen Smalley
Date: Mon Feb 03 2020 - 09:47:16 EST

Next message: Guenter Roeck: "Re: [PATCH 0/5] scsi: ufs: ufs device as a temperature sensor"
Previous message: kbuild test robot: "[tip:x86/urgent] BUILD SUCCESS 05bd330a7fd8875c423fc07d8ddcad73c10e556e"
In reply to: Richard Haines: "Re: SELinux: How to split permissions for keys?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/3/20 9:03 AM, Richard Haines wrote:

On Mon, 2020-02-03 at 08:13 -0500, Stephen Smalley wrote:

Was that kernel patch ever posted to selinux list and/or the selinux
kernel maintainers? I don't recall seeing it. If not, please send
it
to the selinux list for review; at least one selinux maintainer
should
ack it before it gets accepted into any other tree.

Not formally. I did post it in a discussion about keys in [2]. Since
then it's been modified to support the split permissions.

Yes, that doesn't count since a) it wasn't the final version of the patch which changed significantly afterward and b) even it had been the final version, there was no acked-by or reviewed-by from a selinux maintainer, just some suggestions. A non-trivial patch that modifies security/selinux needs to be at least acked by a selinux maintainer and often should go through the upstream selinux maintainer (Paul).

I've extracted the patch from [1] and will post that to list for
comments.

Thanks.

[2]
https://lore.kernel.org/selinux/35455b30b5185780628e92c98ec8191c70f39bde.camel@xxxxxxxxxxxxxx/

Next message: Guenter Roeck: "Re: [PATCH 0/5] scsi: ufs: ufs device as a temperature sensor"
Previous message: kbuild test robot: "[tip:x86/urgent] BUILD SUCCESS 05bd330a7fd8875c423fc07d8ddcad73c10e556e"
In reply to: Richard Haines: "Re: SELinux: How to split permissions for keys?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]