Re: [RFC PATCH v3 5/5] selinux: introduce kdbus access controls
On Wednesday, October 07, 2015 07:08:48 PM Paul Moore wrote:
+static int selinux_kdbus_conn_see_notification(const struct cred
*creds)
+{
+ return avc_has_perm(SECINITSID_KERNEL, cred_sid(creds),
+ SECCLASS_KDBUS, KDBUS__SEE_NOTIFICATION, NULL);
+}
I'm going to flip the subj/obj ordering here, the passed credentials should be
the subject.
--
paul moore
security @ redhat