From: dwalsh@redhat.com (Daniel J Walsh)
Date: Thu, 05 Mar 2009 09:56:26 -0500
Subject: [refpolicy] kernel_terminal.patch
In-Reply-To: <1236261889.26944.59.camel@gorn.columbia.tresys.com>
References: <49AEF1E9.7010803@redhat.com>
	<1236261889.26944.59.camel@gorn.columbia.tresys.com>
Message-ID: <49AFE81A.8040304@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Christopher J. PeBenito wrote:
> On Wed, 2009-03-04 at 16:26 -0500, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/kernel_terminal.patch
>>
>> Terminals can be labeled devpts_t and consoles can be labeled
>> tty_device_t.
> 
> For both of these, in what circumstances does this happen?
> 
Usually boot up,  I think devices created before init.  Devices created
by unconfined domains, devices created in permissive mode.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmv6BoACgkQrlYvE4MpobN4EwCfaPjA7jFi8IWR4xz1xT2X3VQm
EKUAnRDqvCeMFQWIBHGQMahByulkj9EP
=gKed
-----END PGP SIGNATURE-----