static pthread_mutex_t global_rules_mutex = PTHREAD_MUTEX_INITIALIZER;
static char *global_rules_path = NULL;
+static const char * const SMACK_LOAD_PATH = "/smack/load";
+
static void free_global_rules(void)
{
smack_rule_set_free(global_rules);
return 0;
}
-int smack_have_access(const char *path, const char *subject,
- const char *object, const char *access_type)
+int smack_have_access(const char *subject, const char *object,
+ const char *access_type)
{
int res;
- if (refresh_global_rules(path) == -1)
+ if (refresh_global_rules(SMACK_LOAD_PATH) == -1)
return 0;
if (pthread_mutex_lock(&global_rules_mutex) != 0)
* Verify access from a given subject to given object with a
* given access type.
*
- * @param path path to smack kernel load file
* @param subject subject of the rule
* @param object object of the rule
* @param access_type string defining access type
* @return 1 if access, 0 if no access.
*/
-extern int smack_have_access(const char *path, const char *subject,
- const char *object, const char *access_type);
+extern int smack_have_access(const char *subject, const char *object,
+ const char *access_type);
/*!
* Get the label that is associated with a peer on the other
* end of a socket.
*
* @param sock_fd The file descriptor of the socket
- * @param label (out) The NULL terminated label of the socket if it exists, the caller is responsible to call free on label.
+ * @param label (out) The NULL terminated label of the socket if it exists,
+ * the caller is responsible to call free on the label.
* @return 0 on success, -1 otherwise.
*/
extern int smack_get_peer_label(int sock_fd, char **label);
projects / framework / security / smack.git / commitdiff