mirror of
https://github.com/SELinuxProject/selinux
synced 2025-02-06 12:53:03 +00:00
1174483d29
Currently, filename type transitions support only exact name matching. However, in practice, the names contain variable parts. This leads to many duplicated rules in the policy that differ only in the part of the name, or it is even impossible to cover all possible combinations. This patch extends the filename type transitions structures to include new types of filename transitions - prefix and suffix filename transitions. It also implements the reading and writing of those rules in the kernel binary policy format together with increasing its version. Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com> Acked-by: James Carter <jwcart2@gmail.com> |
||
|---|---|---|
| .. | ||
| ru | ||
| test | ||
| .gitignore | ||
| checkmodule.8 | ||
| checkmodule.c | ||
| checkpolicy.8 | ||
| checkpolicy.c | ||
| checkpolicy.h | ||
| LICENSE | ||
| Makefile | ||
| module_compiler.c | ||
| module_compiler.h | ||
| parse_util.c | ||
| parse_util.h | ||
| policy_define.c | ||
| policy_define.h | ||
| policy_parse.y | ||
| policy_scan.l | ||
| queue.c | ||
| queue.h | ||
| VERSION | ||