Re: [AppArmor 39/45] AppArmor: Profile loading andmanipulation,pathname matching

From: Sean
Date: Sat Jun 09 2007 - 01:45:55 EST

On Fri, 8 Jun 2007 22:38:57 -0700 (PDT)
david@xxxxxxx wrote:

> so are you suggesting that SELinux would call out to userspace for every
> file open to get the label for that file?

No, i'm not. You must already have a kernel function in the current
implementation of AA that decides the proper policy for each path. Why
not use it to feed labels into SELinux.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at