From: russell@coker.com.au (Russell Coker)
Date: Fri, 16 Feb 2018 17:02:38 +1100
Subject: [refpolicy] rawip_socket permissions
In-Reply-To: <1fe28c0b-7dd2-fc61-85e3-df8b8cc27742@ieee.org>
References: <3088676.kIsrdd9GrL@xev>
	<1fe28c0b-7dd2-fc61-85e3-df8b8cc27742@ieee.org>
Message-ID: <1842426.p6FBhgQr0C@liv>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Friday, 16 February 2018 9:03:06 AM AEDT Chris PeBenito wrote:
> I've hoped for better socket permission sets, but the verbs for the
> permission set names elude me.  I'm open to suggestions, though I'd
> prefer the permission sets include verbs (or their abbreviations, such
> as "rw") to help convey meaning.

Is there a point in having a specific "rw" on rawip?  Having "rw" implies that 
something other than "rw" would be used, and does that make sense?  Do we have 
network sniffers having just read access?

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/