| 99fc177b5af4e1e8855d42d2d01cb93ac7f9d14b |
|
18-Sep-2015 |
Jeff Vander Stoep <jeffv@google.com> |
Add neverallow support for ioctl extended permissions
Neverallow rules for ioctl extended permissions will pass in two
cases:
1. If extended permissions exist for the source-target-class set
the test will pass if the neverallow values are excluded.
2. If extended permissions do not exist for the source-target-class
set the test will pass if the ioctl permission is not granted.
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/libsepol/src/util.c
|
| 6ea58f548b87e52e13aee4c14d56031062280747 |
|
28-Jul-2015 |
Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
libsepol: Replace sscanf in module_to_cil
Some platforms do not have %ms support in sscanf. This adds a tokenize()
function to be used instead of sscanf. tokenize() has the ability to split on any
delimiter. All whitespace delimiters will be squashed.
Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
/external/selinux/libsepol/src/util.c
|
| 13cd4c8960688af11ad23b4c946149015c80d549 |
|
19-Aug-2008 |
Joshua Brindle <method@manicmethod.com> |
initial import from svn trunk revision 2950
/external/selinux/libsepol/src/util.c
|