From: aranea@aixah.de (Luis Ressel)
Date: Sat, 2 Nov 2013 20:59:41 +0100
Subject: [refpolicy] kdevtmpfs
Message-ID: <20131102205941.3f30b5f8@gentp.lnet>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

When using kdevtmpfs, the kernel domain needs the
dev_manage_all_dev_nodes(kernel_t) permission (for example on
(un)plugging USB devices).

The permissions which are currently granted don't suffice
(dev_create_generic_chr_files(kernel_t) etc.), as it also has to
operate on mouse_device_t, usb_device_t and other device_node devices.


Regards,
Luis Ressel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20131102/1c502e72/attachment.bin