Skip to content
This repository has been archived by the owner on Jun 18, 2018. It is now read-only.

Revisit initial SID name mapping #103

Open
pebenito opened this issue Mar 8, 2016 · 1 comment
Open

Revisit initial SID name mapping #103

pebenito opened this issue Mar 8, 2016 · 1 comment
Labels
question setools/policyrep package

Comments

@pebenito
Copy link
Contributor

pebenito commented Mar 8, 2016

The binary policy does not have the initial SID<->name mapping. Revisit how this is remapped.
@pebenito
Copy link
Contributor Author

It is currently a static mapping in policy_extend.c:

static const char *const sidnames[] = {
    "undefined",
    "kernel",
    "security",
    "unlabeled",
    "fs",
    "file",
    "file_labels",
    "init",
    "any_socket",
    "port",
    "netif",
    "netmsg",
    "node",
    "igmp_packet",
    "icmp_socket",
    "tcp_socket",
    "sysctl_modprobe",
    "sysctl",
    "sysctl_fs",
    "sysctl_kernel",
    "sysctl_net",
    "sysctl_net_unix",
    "sysctl_vm",
    "sysctl_dev",
    "kmod",
    "policy",
    "scmp_packet",
    "devnull"
};

These names are applied in code below this struct definition (if the names are missing). Consider trying to pull in kernel headers or policy headers as an alternative.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
question setools/policyrep package
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pebenito