From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 29 Jul 2011 08:42:57 -0400
Subject: [refpolicy] [bugfix] incorrect type_transition on database
	objects
In-Reply-To: <CADyhKSU39spJHhcrf+eQimwxpUX1zXfFy_mkRbXeXxo0fe2OQw@mail.gmail.com>
References: <CADyhKSU39spJHhcrf+eQimwxpUX1zXfFy_mkRbXeXxo0fe2OQw@mail.gmail.com>
Message-ID: <4E32AAD1.4080803@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 07/28/11 10:55, Kohei KaiGai wrote:
> The attached patch fixes incorrect type_transition on database objects.
> 
> Since older version defines db_table and db_procedure classes under
> the db_database class without db_schema class, I missed to update
> type_transition rules corresponding to postgresql_t (it is not often used rule.)
> 
> In addition, I also found a misconfiguration when sepgsql_admin_type
> tries to create a view object. Its type_transition rule should be defined
> under the sepgsql_schema_type, not sepgsql_view_type.
> 
> At the last, I marked unused type_transition rules as deprecated.
> They may ought to be eliminated actually in the near future.
> (E.g, pgsql-v9.1 is released with sepgsql feature)

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com