From: sds@tycho.nsa.gov (Stephen Smalley)
Date: Thu, 24 Feb 2011 13:18:26 -0500
Subject: [refpolicy] Separate type for AF_UNIX socket created by
	syslogd_t
In-Reply-To: <SNT139-w42F5BDB103916DC8160624ABDA0@phx.gbl>
References: <SNT139-w42F5BDB103916DC8160624ABDA0@phx.gbl>
Message-ID: <1298571506.31953.55.camel@moss-pluto>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 2011-02-24 at 10:44 +0000, HarryCiao wrote:
> BTW, do we have a way to actually display the label for the
> unix_dgram_socket that bond to /dev/log?

I think the answer is no at present.
netstat -Z claims to report the socket context but is actually just
reading /proc/pid/attr/current of the owning process.

The owning application can get the context of the socket (inode) via
fgetxattr(), but I don't think a third party can presently obtain the
context information.

-- 
Stephen Smalley
National Security Agency