projects / trust_router.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5f7d6a0) | patch
tr_constraints: constraint set members can have limited types
authorSam Hartman <hartmans@debian.org>
Mon, 14 Jul 2014 19:55:27 +0000 (15:55 -0400)
committerSam Hartman <hartmans@debian.org>
Mon, 14 Jul 2014 20:07:34 +0000 (16:07 -0400)
commit1a8664467e70c9cdc0d3eec65be2c2e9ec0fd438
tree7393da1a9e4fc23ebdf76486daddbdab614d7333tree | snapshot
parent5f7d6a087fdda16433e0c47d025e9b4929d33556commit | diff
tr_constraints: constraint set members can have limited types

If a constraint set member has a domain constraint but no realm
constraint treat that as a universal realm constraint (*).

However, if no constraint set member has that constraint type then
access is denied; we do not fail open.
common/tests.json diff | blob | history
common/tr_constraint.c diff | blob | history
Moonshot Trust Router