http://people.fedoraproject.org/~dwalsh/SELinux/F12/system_userdomain.patch
Widely varied from upstream because of consolodating on attributes rather then types.
On Thu, 2009-11-12 at 17:18 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/system_userdomain.patch
>
> Widely varied from upstream because of consolodating on attributes
> rather then types.
In principle this is fine, but I'm trying to hold out for a proper
clone/copy mechanism to be available again. When that comes around, I'd
have to undo this change.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 02/12/2010 03:26 PM, Christopher J. PeBenito wrote:
> On Thu, 2009-11-12 at 17:18 -0500, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/system_userdomain.patch
>>
>> Widely varied from upstream because of consolodating on attributes
>> rather then types.
>
> In principle this is fine, but I'm trying to hold out for a proper
> clone/copy mechanism to be available again. When that comes around, I'd
> have to undo this change.
>
Maybe, but we have been waiting for the clone/copy mechansim for several years now. :^(
I have a hard time many people can use confined users without this mechanism or other distros do not use the exec* checks.
Or they do not use java/mono applications.