http://people.fedoraproject.org/~dwalsh/SELinux/F13/system_mount.patch
File context for fusermount so I can stop xguest from using mount
New file context for mount
Dontaudit broken leaks
Lots of new access for mount.
On Tue, 2010-02-23 at 17:17 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F13/system_mount.patch
>
> File context for fusermount so I can stop xguest from using mount
>
> New file context for mount
>
> Dontaudit broken leaks
>
> Lots of new access for mount.
How much of this new access is due to fusermount? Dbus usage, exec'ing
things unrelated to mount like ssh, transitioning to rpcd? Sounds like
fusermount might need its own type after all.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150