Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: Patch to make can_network stronger and remove nscd tunable.
From: Daniel J Walsh <dwalsh_at_redhat.com>
Date: Tue, 02 Nov 2004 09:30:51 -0500
>On Tue, 2 Nov 2004 03:18, Daniel J Walsh <dwalsh@redhat.com> wrote:
>-allow dictd_t self:capability { setuid setgid };
>+allow hald_t { device_t }:{ chr_file } { create_file_perms };
>+file_type_auto_trans(kudzu_t, tmp_t, kudzu_tmp_t, chr_file)
>+dontaudit mailman_queue_t src_t:dir { search };
>-allow postfix_$1_t self:capability { setuid setgid dac_override }; I will add allow $1_t self:capability net_bind_service; to ypbind.
>-allow radiusd_t self:capability { chown dac_override fsetid kill setgid
>I think that some structural changes need to be made before any of the changes -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Tue 2 Nov 2004 - 09:31:27 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |