| commit | 4a33c78ca572598ff76976a41d8b456293dfaebc | [log] [tgz] |
|---|---|---|
| author | Stephen Smalley <sds@tycho.nsa.gov> | Thu Aug 30 17:17:37 2012 -0400 |
| committer | Eric Paris <eparis@redhat.com> | Wed Sep 12 12:16:01 2012 -0400 |
| tree | 0b2cfb3e3c1254caa62a134a5014c252a3b1b768 | |
| parent | f6b82ec701bd74ea7d3403daca1b9e6d2f7ea0bb [diff] |
libsepol: fix neverallow checking on attributes Ole Kliemann reported that allow rules written using type attributes were not being detected by neverallow assertions in the policy. I think that this was broken in policy.24 and later due to changes in the type datum. Fix the expand logic to correctly distinguish type attributes from types. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Eric Paris <eparis@redhat.com>