http://people.fedoraproject.org/~dwalsh/SELinux/F14/admin_prelink.patch
Prelink has new directory under /var/lib
dontaudit leaks from domains that transition
prelink needs to manage executables in the users homedir.
cron job looks at all mount points.
On Wed, 2010-06-02 at 15:51 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F14/admin_prelink.patch
>
> Prelink has new directory under /var/lib
The files_search_var_lib() should be redundant due to the
files_var_lib_filetrans().
> dontaudit leaks from domains that transition
>
>
>
> prelink needs to manage executables in the users homedir.
NAK Prelink is highly trusted to manage system libraries. This is too
easy of a way for users to compromise prelink, which could lead to
compromised system libraries.
> cron job looks at all mount points.
Otherwise merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com