From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Thu, 07 Jan 2010 11:52:06 -0500
Subject: [refpolicy] services_dovecot.patch
In-Reply-To: <4AFC7E29.5010803@redhat.com>
References: <4AFC7E29.5010803@redhat.com>
Message-ID: <1262883126.2553.6030.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 2009-11-12 at 16:29 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_dovecot.patch
> 
> dovecot is dropping capabilities,
> 
> getattr on mounted file systems
> 
> dovecot auth sends itself signals and drops capabilities
> 
> reads users tmp files (kerberos tickets)

Moved this into the optional with kerberos_use()

> deliver_t needs to write to cifs and nfs homedir

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150