From: Eric Paris <eparis@redhat.com>
Date: Thu, 28 Feb 2008 17:58:40 +0000 (-0500)
Subject: SELinux: create new open permission
X-Git-Tag: v2.6.26-rc1~1157^2~10
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b0c636b99997c8594da6a46e166ce4fcf6956fda;p=pandora-kernel.git

SELinux: create new open permission

Adds a new open permission inside SELinux when 'opening' a file.  The idea
is that opening a file and reading/writing to that file are not the same
thing.  Its different if a program had its stdout redirected to /tmp/output
than if the program tried to directly open /tmp/output. This should allow
policy writers to more liberally give read/write permissions across the
policy while still blocking many design and programing flaws SELinux is so
good at catching today.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
---

Reading git-diff-tree failed