Stephen Smalley c19395d722 libselinux: selinux_set_mapping: fix handling of unknown classes/perms ... The libselinux selinux_set_mapping() implementation was never updated to handle unknown classes/permissions based on the policy handle_unknown flag. Update it and the internal mapping functions to gracefully handle unknown classes/permissions. Add a security_reject_unknown() interface to expose the corresponding selinuxfs node and use it when creating a mapping to decide whether to fail immediately or proceed. This enables dbus-daemon and XSELinux, which use selinux_set_mapping(), to continue working with the dummy policy or other policies that lack their userspace class/permission definitions as long as the policy was built with -U allow. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>		2019-03-01 12:51:31 +01:00
..
selinux	libselinux: selinux_set_mapping: fix handling of unknown classes/perms	2019-03-01 12:51:31 +01:00
Makefile	libselinux: build: follow standard semantics for DESTDIR and PREFIX	2018-02-14 15:59:36 +01:00