From: dwalsh@redhat.com (Daniel J Walsh)
Date: Mon, 11 Nov 2013 09:21:41 -0500
Subject: [refpolicy] [PATCH 09/39] These are some of the device nodes
 created by kernel, and udev with the generic device_t type in debian.
In-Reply-To: <1384117122.30406.3.camel@d30>
References: <1383990320-3340-1-git-send-email-dominick.grift@gmail.com>	<1383990320-3340-9-git-send-email-dominick.grift@gmail.com>	<20131110203327.383ce68f@gentp.lnet>
	<1384117122.30406.3.camel@d30>
Message-ID: <5280E7F5.1060206@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/10/2013 03:58 PM, Dominick Grift wrote:
> On Sun, 2013-11-10 at 20:33 +0100, Luis Ressel wrote:
>> I also experience this problem when I reconnect my mouse, so it isn't 
>> debian-specific. I'm not a SELinux expert, but this patch looks like a 
>> workaround to me, not like a real fix. It's also a bit limited: For 
>> example, on my system, there are more event devices than event0 - event5
>> (atm, the mouse in question is at event9).
> 
> I consider this to be a )possible) starting point
> 
> I do not think we should add named file type transitions for every 
> conceivable object in /dev like i think Fedora does
> 
> Only the ones that are actually confirmed. but yes this should probably not
> be distro specific.
> 
> Consider this patch a [RFC]
> 
> 
> _______________________________________________ refpolicy mailing list 
> refpolicy at oss.tresys.com http://oss.tresys.com/mailman/listinfo/refpolicy
> 
The ones we have added in Fedora have been confirmed.   We just round up to
the next 10 when they happen.  We add them when we see bug reports for
mislabeled devices.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlKA5/UACgkQrlYvE4MpobMamgCgtKW39NzDr358RVqy+VqKD7yG
/y4An0sAzsWITVqxZPMBaRL3Vhs/5nRb
=9UaC
-----END PGP SIGNATURE-----