LinuxLists.cc - [refpolicy] roles

2009-03-05 16:24:52

Subject: [refpolicy] roles_secadm.patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/roles_secadm.patch

secadm should not have access to all these roles.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmv/NQACgkQrlYvE4MpobObJACg6H6uuh37Ez9upwBBHlsv8GDg
z3sAoLOHuoFhivGLgTKBsUvPJU/V9BAz
=vb16
-----END PGP SIGNATURE-----

2009-03-11 14:53:42

by cpebenito

[permalink] [raw]

Subject: [refpolicy] roles_secadm.patch

On Thu, 2009-03-05 at 11:24 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/roles_secadm.patch
>
> secadm should not have access to all these roles.

Merged, except I kept screen, su, and sudo, which I feel are reasonable
apps for secadm to use.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150