LinuxLists.cc - [refpolicy] services

2009-11-12 21:29:13

Subject: [refpolicy] services_dovecot.patch

http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_dovecot.patch

dovecot is dropping capabilities,

getattr on mounted file systems

dovecot auth sends itself signals and drops capabilities

reads users tmp files (kerberos tickets)

deliver_t needs to write to cifs and nfs homedir

2010-01-07 16:52:06

by cpebenito

[permalink] [raw]

Subject: [refpolicy] services_dovecot.patch

On Thu, 2009-11-12 at 16:29 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_dovecot.patch
>
> dovecot is dropping capabilities,
>
> getattr on mounted file systems
>
> dovecot auth sends itself signals and drops capabilities
>
> reads users tmp files (kerberos tickets)

Moved this into the optional with kerberos_use()

> deliver_t needs to write to cifs and nfs homedir

Merged.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150