PERFORCE change 20657 for review
Brian F. Feldman
green at freebsd.org
Mon Nov 4 19:53:08 GMT 2002
Brian Feldman <green at FreeBSD.org> wrote:
> http://perforce.freebsd.org/chv.cgi?CH=20657
>
> Change 20657 by green at green_laptop_2 on 2002/11/04 11:34:53
>
> Be resilient to relabel operations on mac_lomac objects by
> always blanking the destination and copying the old label,
> but only if the new label "appears" internalized.
BTW, this really does apply to all policies, and needs to be documented as
such. Biba/MLS got it "not totally wrong" because they don't bzero the
label they're overwriting, so in the case where there's nothing to copy they
just overwrite nothing on the target label.
--
Brian Fundakowski Feldman \'[ FreeBSD ]''''''''''\
<> green at FreeBSD.org <> bfeldman at tislabs.com \ The Power to Serve! \
Opinions expressed are my own. \,,,,,,,,,,,,,,,,,,,,,,\
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list