| commit | 1cc7bd8bcbd9fe9ad4c790edead37a858f0edc39 | [log] [tgz] |
|---|---|---|
| author | Wez <wez@fuchsia.infra.roller.google.com> | Thu Nov 07 17:48:43 2024 +0000 |
| committer | Copybara-Service <copybara-worker@google.com> | Thu Nov 07 09:52:36 2024 -0800 |
| tree | d91e4d69b4b105bc257e0c04bdd8c471287cbf7e | |
| parent | a3e17ad998ab9a834b0e4eb2f18780f94bba2608 [diff] |
[roll] Roll fuchsia [sestarnix] Add permissions checks to fs_node_setsecurity() When a file node's "security.selinux" xattr is modified, the system validates that the task has "relabelfrom" and "relabelto" rights to the new and old Security Contexts, respectively. The new Security Context should also be checked for the "associate" permission to the file-system; this check is made, but the result ignored, until correct file-system labels are implemented. Original-Bug: 351195217, 355180447 Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1112132 Original-Revision: ef955fef3cb849bd17334b626d72b801dcb3e13b GitOrigin-RevId: f5267470dabeccd13557f114247e3e4959d7a323 Change-Id: Ia08a82cf39ad65f34755c6ec0080eefb308b7af4
This repository contains Fuchsia's Global Integration manifest files.
All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.
Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance in one of the communication channels documented at get involved.
First install Jiri.
Next run:
$ jiri init $ jiri import minimal https://fuchsia.googlesource.com/integration $ jiri update
Third party projects should have their own subdirectory in ./third_party.