From: dwalsh@redhat.com (Daniel J Walsh)
Date: Thu, 17 Jun 2010 13:47:12 -0400
Subject: [refpolicy] admin_netutils.patch
In-Reply-To: <1276784256.2929.227.camel@gorn.columbia.tresys.com>
References: <4C06B5D7.4090205@redhat.com>
	<1276784256.2929.227.camel@gorn.columbia.tresys.com>
Message-ID: <4C1A5FA0.5010805@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/17/2010 10:17 AM, Christopher J. PeBenito wrote:
> On Wed, 2010-06-02 at 15:49 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/admin_netutils.patch
>>
>> ping gets leaked log descriptor from nagios.
>>
>> Label send_arp as ping_exec_t
>
> Merged.
>
>> Everyone wants to talk to terminals.
>
> Which terminals?  Its already allowed to use user terminals.  Also, the
> user_ping tunable isn't necessary since it can already unconditionally
> use user terminals; that part of the change is a reversal.
>
if ping is executed from a daemon or a dbus service, it will use a 
tty_device_t, for example.