LinuxLists.cc - [refpolicy] services

2009-03-24 13:31:38

Subject: [refpolicy] services_consolekit.patch

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_consolekit.patch

New file context for consolekit.

Add interface to allow confined apps to read consolekit logs

userdomain and xserver do this.

consolkit execs shell

Dontaudit ptrace all domains

Reads usr_t files

Communicates with lots of domains via dbus

Uses polkit

Needs to read files in nfs and cifs homedirs.

2009-05-14 15:14:41

by cpebenito

[permalink] [raw]

Subject: [refpolicy] services_consolekit.patch

On Tue, 2009-03-24 at 09:31 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_consolekit.patch
>
> New file context for consolekit.
>
> Add interface to allow confined apps to read consolekit logs
>
> userdomain and xserver do this.
>
> consolkit execs shell
>
> Dontaudit ptrace all domains
>
> Reads usr_t files
>
> Communicates with lots of domains via dbus
>
> Uses polkit
>
> Needs to read files in nfs and cifs homedirs.

Merged.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150