From: russell@coker.com.au (Russell Coker) Date: Sat, 24 Sep 2011 00:53:54 +1000 Subject: [refpolicy] RFC: secure_mode_policyload revision In-Reply-To: <4E7C96DF.4000007@tresys.com> References: <4E7C96DF.4000007@tresys.com> Message-ID: <201109240053.54379.russell@coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sat, 24 Sep 2011, "Christopher J. PeBenito" wrote: > Right now, secure_mode_policyload disables policy loading and Boolean > changing. The latter is to prevent secure_mode_policyload from being > turned off. I was thinking that secure_mode_policyload could be revised > by labeling this Boolean, and then only removing access to it when > secure_mode_policyload is enabled, so Booleans can still be toggled, > except for secure_mode_policyload. Thoughts? Sounds good. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/