SELinuxTest: Add file contexts tests.
Add a getFileContext JNI call and use it to obtain and
check the file contexts of the app data directory and
a selected set of other directories.
These tests can be extended to cover a wider set of directories and/or
files but are limited to testing only those files for which search
permission is allowed (by DAC and SELinux) to all directories
that must be traversed to reach the directory/file to be tested and
for which getattr permission is allowed by SELinux to the directory/file
to be tested.
Change-Id: Ia03dd3afb147504c1a034e2e30ad5410d2bd3c1a
Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>
Loading
Please sign in to comment