From: dwalsh@redhat.com (Daniel J Walsh)
Date: Thu, 18 Mar 2010 14:24:11 -0400
Subject: [refpolicy] system_udev.patch
In-Reply-To: <1268853470.13301.110.camel@gorn.columbia.tresys.com>
References: <4B84466C.9030609@redhat.com>
	<1268853470.13301.110.camel@gorn.columbia.tresys.com>
Message-ID: <4BA26FCB.3000209@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 03/17/2010 03:17 PM, Christopher J. PeBenito wrote:
> On Tue, 2010-02-23 at 16:19 -0500, Daniel J Walsh wrote:
>    
>> http://people.fedoraproject.org/~dwalsh/SELinux/F13/system_udev.patch
>>
>> Allow other domains to unlink udev_tbl_t
>>      
> Needs a different interface, adding it to udev_rw_db() is an excessive
> permission for the interface.
>
>    
>> Uses netlink sockets
>>      
> Do you have any information on this?  It would be best to get a specific
> class added for this socket, rather than use the generic netlink_socket.
>
>    
Added during F11.  Same time as netlink_kobj_uevent_socket.  Might be 
the same thing.
> Otherwise merged.
>
>    
>> Creates device_t symlinks
>>
>> Reads consolekit_var_run
>>
>> dontaudit leaks from hal
>>
>> Searches rpm logs (probably a leak)
>>
>> Transitions to usbmux_d
>>
>>
>>
>>      
>    
Updated patch including new policy for usbmuxd.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: udev.patch
Url: http://oss.tresys.com/pipermail/refpolicy/attachments/20100318/aa7f25a4/attachment.pl