Casey Schaufler 6c892df268 Smack: Lock mode for the floor and hat labels ... The lock access mode allows setting a read lock on a file for with the process has only read access. The floor label is defined to make it easy to have the basic system installed such that everyone can read it. Once there's a desire to read lock (rationally or otherwise) a floor file a rule needs to get set. This happens all the time, so make the floor label a little bit more special and allow everyone lock access, too. By implication, give processes with the hat label (hat can read everything) lock access as well. This reduces clutter in the Smack rule set. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>		2014-10-28 08:22:40 -07:00
..
Kconfig	Smack: Bring-up access mode	2014-08-28 13:11:56 -07:00
Makefile	Smack: Simplified Mandatory Access Control Kernel	2008-02-05 09:44:20 -08:00
smack_access.c	Smack: Lock mode for the floor and hat labels	2014-10-28 08:22:40 -07:00
smack_lsm.c	Make Smack operate on smack_known struct where it still used char*	2014-08-29 10:10:55 -07:00
smack.h	Make Smack operate on smack_known struct where it still used char*	2014-08-29 10:10:55 -07:00
smackfs.c	Make Smack operate on smack_known struct where it still used char*	2014-08-29 10:10:55 -07:00