From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 24 Mar 2009 09:18:14 -0400
Subject: [refpolicy] apps_gpg.patch
Message-ID: <49C8DD96.9060201@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_gpg.patch

Fix gpg file context for 64 bit platform

Apps send sigkill to gpg as well as signal

gpg gets execed by firefox and thunderbird which leak file descriptors 
like crazy so need to cover this up

gpg needs getcap


Creates /tmp files

Reads kernel sysctl to check fips mode

lists inotify

cals getpw



gpg_helper needs get and setsched

calls getpw
Lists inotify

gpg_t needs to be able to rewrite /tmp files created by thunderbird and 
files in the homedir, in order to sign/encrypt them