Re: audit 1.2.2 released

On Tuesday 23 May 2006 18:20, Michael C Thompson wrote: > socket_has_perm returns 0, This function is not exactly the one I was after.. 3387 static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) 3388 { <snip> 3401 err = selinux_nlmsg_lookup(isec->sclass, nlh->nlmsg_type, &perm); 3402 if (err) { <snip> 3415 goto out; 3416 } 3417 3418 err = socket_has_perm(current, sock, perm); 3419 out: 3420 return err; 3421 } Socket_has_perm has the second vote. This function in turn gets called by selinux_netlink_send, so that is probably the best place to hook.

> If you have any possible fixes, I'll gladly test them, but currently, > I'm at a loss for time and can't continue. I guess I'll put the hooks in the next kernel and let you test them.