github-actions[bot]
commented
7 months ago This PR has not had any recent activity. It will be closed in 7 days if it makes no further progress.
Closed JurajMarcin closed 7 months ago
github-actions[bot]
commented
7 months ago This PR has not had any recent activity. It will be closed in 7 days if it makes no further progress.
github-actions[bot]
commented
7 months ago Closing stale PR.
Currently, filename transitions are stored separately from other type enforcement rules and only support exact name matching. However, in practice, the names contain variable parts. This leads to many duplicated rules in the policy that differ only in the part of the name, or it is even impossible to cover all possible combinations.
This patch reflects changes in libsepol implemented in this patch.
The patch adds additional filename transition tables to policydb structure for prefix and suffix rules and updates the functions that access them.
This is a new reimplemented version of the feature, as the previous version was not accepted by the SELinux kernel upstream.
Reviewed-by: Ondrej Mosnacek omosnace@redhat.com