From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 13 Jul 2010 08:21:08 -0400
Subject: [refpolicy] apps_userhelper.patch
In-Reply-To: <4C35E7A7.4070808@tresys.com>
References: <4C06BBE5.4030000@redhat.com> <4C35E7A7.4070808@tresys.com>
Message-ID: <4C3C5A34.5000709@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 07/08/2010 10:58 AM, Christopher J. PeBenito wrote:
> On 06/02/10 16:15, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_userhelper.patch
>>
>> Add policy for consolehelper so staff_t can shutdown the machine
> 
> Why does this need to be templated, rather than using a single
> consolehelper_t?
> 
Probably does not need it.  I think I created this policy off of
userhelper, which was templated.  The only think we might want would be
to allow

staff_t @consolehelper -> staff_consolehelper_t @ bin_t -> staff_t.

But I don't have a use case for this.