Re: [PATCH 1/1] [bug556972-srivasta]: Explicitly allow /selinux and /sys as FHS exceptions
Hi,
On Fri, Nov 20, 2009 at 12:33:50PM -0600, Manoj Srivastava wrote:
> The report #556972 was filed about a FHS violation in mounting
> selinuxfs on /selinux, which is accurate. Additionally, /sys does not
> appear in the FHS either, and is thus in a similar situation.
>
> Now, I can move the mount point in libselinux1, perhals to
> /lib/sellinux, but that would make us incompatible with other
> installations, and cause a large number of needless conflict with
> currently installed SELinux. Here is the backgound:
Do the userspace tools use /selinux unconditionally or do they examine
/proc/mounts? I'm not familiar with that portion of SELinux.
-Kees
--
Kees Cook @debian.org
Reply to: