From: martin.christian@secunet.com (Martin Christian)
Date: Wed, 29 Jun 2011 19:06:24 +0200
Subject: [refpolicy] Type enforcement on files and their fds
Message-ID: <4E0B5B90.9050601@secunet.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I'm slowly getting deeper into the SELinux internals. Hence, my
questions will be quite kernel related. But I hope this list is still
considered the right place for such questions, isn't it?

The notation X:t1 shall be X has/is running with type t1.

How are file descriptors associated with files regarding their labels?

1. Consider a file f:t2 is opened by p1:t1 for writing through file
descriptor fd3.
=> Which label has fd3 now? t1 or t2?

2. Consider a file f is created for writing by p1:t1 in directory d:t2
with fd=3.
=> Which label has f? And which label has fd3?

Regards,

Martin.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOC1uJAAoJEGpTkDITRjmoJAYH/21h8teiEbXbHutrmQ/jucnG
3Ky1MmMy6VfjUkBNuFIvswQWaunnrsouyx8+Iugcl1mMMV9WTp+fiFo84C7Wd6E5
5K2WJKYe5rtiPptBK+AGpKgQKOf2hao+LMozskvn/SK6gokGmppEac1J5AzhWd7g
lvAyDr5McvEEjGGiPIM+jbbFF+6drph4tZmOa9qcBSazHsRNK5rqtKuqL/9bqIGT
rV2bWA5OLOCtpXUMbF+umeN34sswrzEH8iIO5CMtPUNzNsYnhP6r3jGx98L+deNP
MPz9ode9IYVSUoAQxd3/kmxWbsdpVdqWJ6f6aGVkc1NW4cNf8VWB6wKI82cqwBM=
=DjV9
-----END PGP SIGNATURE-----