From mboxrd@z Thu Jan  1 00:00:00 1970
From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Thu, 05 Mar 2009 13:18:18 -0500
Subject: [refpolicy] kernel_storage.patch
In-Reply-To: <49B00BBF.7020302@redhat.com>
References: <49AEF3A6.7080007@redhat.com>
	<1236269561.26944.115.camel@gorn.columbia.tresys.com>
	<49B00BBF.7020302@redhat.com>
Message-ID: <1236277098.26944.118.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 2009-03-05 at 12:28 -0500, Daniel J Walsh wrote:
> Christopher J. PeBenito wrote:
> > On Wed, 2009-03-04 at 16:33 -0500, Daniel J Walsh wrote:
> >> http://people.fedoraproject.org/~dwalsh/SELinux/F11/kernel_storage.patch
> >>
> >> Additonal file context
> >>
> >> Allow management of fixed_disk_device_t chr_file
> > 
> > Are you sure about the MLS change of the FUSE device to system low, from
> > system high?
> > 
> > Otherwise merged.
> > 
> fuse file systems are mounted on users home directories by default in
> F10/F11 so a MLS login as a user will only work if this is SystemLow.

Can you describe more fully what the scenario is?  I'm having trouble
seeing where the MLS issue is.  It seems like mount should be able to
handle this fine.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150