[Dev] Smack aware softwares

José Bollo jose.bollo at eurogiciel.fr
Fri Dec 13 08:28:14 GMT 2013


On ven, 2013-12-13 at 08:52 +0900, Carsten Haitzler wrote:
> On Thu, 12 Dec 2013 16:29:29 +0000 "Schaufler, Casey"
> <casey.schaufler at intel.com> said:
> 
> > > -----Original Message-----
> > > From: dev-bounces at lists.tizen.org [mailto:dev-bounces at lists.tizen.org] On
> > > Behalf Of José Bollo
> > > Sent: Thursday, December 12, 2013 7:05 AM
> > > To: dev at lists.tizen.org
> > > Subject: [Dev] Smack aware softwares
> > > 
(snip)
> > 
> > > So it will be
> > > easy to just adapt the small SELINUX part of 'vi'
> > > to handle Smack.
> > 
> > Yes, you could. If that's turning off the backcopy option it should work fine.
> 
> just to not, turning off the atomic rename saving mechanism in vi (mind you
> every cmdline text editor i know of does this - vi, emacs and jed too), is
> unsafe. it can ultimately lead to file corruption. the write-to-tmpfile and
> rename on top is a mechanism to ensure you have either the full old file R
> complete new file, but NEVER anything in between. the rename guarantees
> atomicity.

You are right. The SELinux part of vi takes care of that and is just
copying the security context from one file to the other.

regards



More information about the Dev mailing list