Re: [PATCH 1/2] SELinux Context Label based audit filtering
On Friday 03 February 2006 09:17, Stephen Smalley wrote:
> -F "se_sensitivity>=2" -F
"se_sensitivity<=9"
This requires that SELinux perform the filter interpretation, as the
context structures and dominance relation are purely internal to it, and
the audit system should not be directly tied to them.
The plan was to call SE linux libraries to interpret custom text (public) to
sensitivity and send the raw sensitivity (s0). As for dominance
calculations...we aren't granting access. If someone say they want s2 and
above, we should be able to see that s3 is greater than s2 and generate an
audit record. If you have an api for comparing s3 and s2, let us know and
we'll use it.
The "convention" is that only the SELinux module and the
core SELinux
libraries parse them. Everything else has to use an API provided by the
SELinux module (for in-kernel users) or the core SELinux libraries (for
userland).
I suppose you are right. I should have mentioned that we have no interest in
parsing the full context. User space was going to take the context parsed by
humans as separate fields. This way it is extensible. If a new extension is
added in the future, we add a new field.
In kernel, Dustin was going to use your api to take sid to individual
components. For string we only need = and !=. For levels and sensitivity, we
were going to need to do a comparison since people could desire auditing
secret and above, but let everything else go.
-Steve