From: domg472@gmail.com (Dominick Grift)
Date: Mon, 24 Jan 2011 14:57:25 +0100
Subject: [refpolicy] [PATCH/RFC 15/19]: patch set to update the git
 reference policy
In-Reply-To: <1295829871.3862.74.camel@tesla.lan>
References: <1295829871.3862.74.camel@tesla.lan>
Message-ID: <4D3D8545.30607@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/24/2011 01:44 AM, Guido Trentalancia wrote:
> diff -pruN -x .git -x booleans.conf -x corenetwork.if -x corenetwork.te -x modules.conf refpolicy-git-18012011/policy/modules/system/selinuxutil.te refpolicy-git-18012011-new/policy/modules/system/selinuxutil.te
> --- refpolicy-git-18012011/policy/modules/system/selinuxutil.te	2011-01-17 19:36:10.814131755 +0100
> +++ refpolicy-git-18012011-new/policy/modules/system/selinuxutil.te	2011-01-23 04:14:02.662963912 +0100
> @@ -444,6 +444,7 @@ files_read_etc_files(semanage_t)
>  files_read_etc_runtime_files(semanage_t)
>  files_read_usr_files(semanage_t)
>  files_list_pids(semanage_t)
> +files_search_default(semanage_t)

There should not be any default_t directories. Thus this shouldnt be
allowed.

>  
>  mls_file_write_all_levels(semanage_t)
>  mls_file_read_all_levels(semanage_t)
> 
> 
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk09hUUACgkQMlxVo39jgT8WGwCgt/ii7cqY1g1vuFIvYo5Fb1/b
L1UAnRASSyiTspd/9MOQp9fT4gdL3Ff9
=PIvv
-----END PGP SIGNATURE-----