mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-24 15:02:44 +00:00
99fc177b5a
Neverallow rules for ioctl extended permissions will pass in two cases: 1. If extended permissions exist for the source-target-class set the test will pass if the neverallow values are excluded. 2. If extended permissions do not exist for the source-target-class set the test will pass if the ioctl permission is not granted. Signed-off-by: Jeff Vander Stoep <jeffv@google.com> Acked-by: Nick Kralevich <nnk@google.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> |
||
---|---|---|
.. | ||
policydb | ||
boolean_record.h | ||
booleans.h | ||
context_record.h | ||
context.h | ||
debug.h | ||
errcodes.h | ||
handle.h | ||
iface_record.h | ||
interfaces.h | ||
module_to_cil.h | ||
module.h | ||
node_record.h | ||
nodes.h | ||
policydb.h | ||
port_record.h | ||
ports.h | ||
roles.h | ||
sepol.h | ||
user_record.h | ||
users.h |