From: paul.moore@hp.com (Paul Moore)
Date: Tue, 3 Feb 2009 15:23:31 -0500
Subject: [refpolicy] [PATCH] network: Enable "network_peer_controls" and fix some remaining issues
In-Reply-To: <1233678793.5788.0.camel@gorn>
References: <20090202222816.353506919@hp.com> <1233678793.5788.0.camel@gorn>
Message-ID: <200902031523.31630.paul.moore@hp.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tuesday 03 February 2009 11:33:10 am Christopher J. PeBenito wrote:
> On Mon, 2009-02-02 at 17:28 -0500, Paul Moore wrote:
> > plain text document attachment (network-in_out_basic)
> > We added the network_peer_controls capability back in Linux Kernel
> > 2.6.25 but didn't activate the capability because more work was
> > needed to ensure a smooth transition to the new controls. This
> > patch enables the network_peer_controls capability and fixes a few
> > remaining issues with its use. With this patch applied to the
> > Fedora Rawhide SELinux policy (selinux-policy-3.6.3-12.fc11) I am
> > able to interact with the machine over the network without any new
> > AVC denials.
>
> Merged, with some rearrangement. I also plan on adding similar
> interfaces for all netifs and all nodes, for completeness.

Okay thanks.

--
paul moore
linux @ hp