API Changes
-
Motivation: Removal of sys_security from 2.5.
- Required reworking SELinux API to meet kernel developers'
criteria.
-
SELinux API refactored into three components:
- Add /proc/pid/attr API for process attributes (in 2.5).
- Re-use existing xattr API for file attributes (in 2.5).
- Add selinuxfs pseudo filesystem for security policy API.
- Support for SELinux extensions for System V IPC and socket IPC
to be reinvestigated in the future.
-
libselinux encapsulates all three components.