[PATCH 3/5] cr: add generic LSM c/r support
Serge E. Hallyn
serge at hallyn.com
Sun Aug 30 13:26:43 PDT 2009
Quoting Casey Schaufler (casey at schaufler-ca.com):
> Serge E. Hallyn wrote:
> > Quoting Casey Schaufler (casey at schaufler-ca.com):
> > I know, I know, I should come up with a better name. But while
> > an selinux context would be
> > root_u:root_r:root_t
> > the blob I have to checkpoint for a task would perhaps be
> > root_u:root_r:root_t:::null:::null::null:::user_u:serge_r:serge_t:::null
> What you really want is a textual representation of the security blob
> if I read this correctly.
> Seems like you could call this either a
> "blob string" or a "context collection" or a "checkpoint string".
Object security state? "Foss" for full object security state?
I suspect I'll default to blob...
More information about the Containers