-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please Review and ack.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk8HLk8ACgkQrlYvE4MpobPDBQCgz7v2NguIZHaxCPGf6Qbs3S9A
7lkAoKZ4MsDSqf7mFYL2FYWLS2OaKN7v
=vRqY
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: boinc.patch
Type: text/x-patch
Size: 9242 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20120106/8d47f0fc/attachment.bin
On Fri, Jan 06, 2012 at 12:24:31PM -0500, Daniel J Walsh wrote:
> Please Review and ack.
[...]
What magic does boinc do with its boinc_var_lib_t files?
> +exec_files_pattern(boinc_t, boinc_var_lib_t, boinc_var_lib_t)
^^
this
> +domtrans_pattern(boinc_t, boinc_project_var_lib_t, boinc_project_t)
^^
and this
I don't know boinc, but unless it only uses boinc_var_lib_t to create
executables there (and nothing else) wouldn't we need a separate type for
this?
Wkr,
Sven Vermeulen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/09/2012 03:42 PM, Sven Vermeulen wrote:
> On Fri, Jan 06, 2012 at 12:24:31PM -0500, Daniel J Walsh wrote:
>> Please Review and ack.
> [...]
>
> What magic does boinc do with its boinc_var_lib_t files?
>
>> +exec_files_pattern(boinc_t, boinc_var_lib_t, boinc_var_lib_t)
> ^^ this
>
>> +domtrans_pattern(boinc_t, boinc_project_var_lib_t,
>> boinc_project_t)
> ^^ and this
>
> I don't know boinc, but unless it only uses boinc_var_lib_t to
> create executables there (and nothing else) wouldn't we need a
> separate type for this?
>
> Wkr, Sven Vermeulen
> _______________________________________________ refpolicy mailing
> list refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
Miroslav has done most of the work on these.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk8LWL4ACgkQrlYvE4MpobOOhQCg2JEBNO+83jCgbcEngoBiSfaK
+xQAoOhbKI9Es5oUCjGkahzkAaS4cwb2
=gJ8m
-----END PGP SIGNATURE-----
On 01/09/2012 10:14 PM, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 01/09/2012 03:42 PM, Sven Vermeulen wrote:
>> On Fri, Jan 06, 2012 at 12:24:31PM -0500, Daniel J Walsh wrote:
>>> Please Review and ack.
>> [...]
>>
>> What magic does boinc do with its boinc_var_lib_t files?
>>
>>> +exec_files_pattern(boinc_t, boinc_var_lib_t, boinc_var_lib_t)
>> ^^ this
>>
>>> +domtrans_pattern(boinc_t, boinc_project_var_lib_t,
>>> boinc_project_t)
>> ^^ and this
>>
>> I don't know boinc, but unless it only uses boinc_var_lib_t to
>> create executables there (and nothing else) wouldn't we need a
>> separate type for this?
>>
>> Wkr, Sven Vermeulen
>> _______________________________________________ refpolicy mailing
>> list refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
> Miroslav has done most of the work on these.
Boinc/boinc projects create files on the fly which are executed by these
projects. I was trying to find a solution but I always ended up with this.
Regards,
Miroslav
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk8LWL4ACgkQrlYvE4MpobOOhQCg2JEBNO+83jCgbcEngoBiSfaK
> +xQAoOhbKI9Es5oUCjGkahzkAaS4cwb2
> =gJ8m
> -----END PGP SIGNATURE-----