* [refpolicy] apps_seunshare.patch
@ 2009-08-28 20:16 Daniel J Walsh
2009-09-28 19:55 ` Christopher J. PeBenito
0 siblings, 1 reply; 7+ messages in thread
From: Daniel J Walsh @ 2009-08-28 20:16 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_seunshare.patch
New setuid helper app to be used with sandbox -X. uses namespace to replace $HOME and /tmp with files a sandbox can write too.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] apps_seunshare.patch
2009-08-28 20:16 [refpolicy] apps_seunshare.patch Daniel J Walsh
@ 2009-09-28 19:55 ` Christopher J. PeBenito
0 siblings, 0 replies; 7+ messages in thread
From: Christopher J. PeBenito @ 2009-09-28 19:55 UTC (permalink / raw)
To: refpolicy
On Fri, 2009-08-28 at 16:16 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_seunshare.patch
>
> New setuid helper app to be used with sandbox -X. uses namespace to
> replace $HOME and /tmp with files a sandbox can write too.
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] apps_seunshare.patch
@ 2010-08-26 22:42 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:42 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_seunshare.patch
seunshare needs to be a template so you can run a sandbox in your own
domain.
Lots of fixes for sandboxes.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx27ewACgkQrlYvE4MpobNFWACgsw6Z0PJ8XnJ5nf9iOJj/E/yA
nsMAn3qiJ/ZAMwqUEDr6OsWrWVLhQB+Y
=GKnz
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] apps_seunshare.patch
@ 2010-06-02 20:13 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2010-06-02 20:13 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_seunshare.patch
seunshare policy needs to be enhanced for use with sandbox.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] apps_seunshare.patch
@ 2010-02-23 21:32 Daniel J Walsh
0 siblings, 0 replies; 7+ messages in thread
From: Daniel J Walsh @ 2010-02-23 21:32 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F13/apps_seunshare.patch
Added seunshare_role_template so that staff_t can use seunshare and stay
in staff_t domain.
Allows level change using seunshare
dontaudit leaks
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] apps_seunshare.patch
2009-11-12 20:54 Daniel J Walsh
@ 2009-12-01 15:32 ` Christopher J. PeBenito
0 siblings, 0 replies; 7+ messages in thread
From: Christopher J. PeBenito @ 2009-12-01 15:32 UTC (permalink / raw)
To: refpolicy
On Thu, 2009-11-12 at 15:54 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_seunshare.patch
>
> Fixes for seunshare policy
>
> seunshare needs to be killable by calling apps
>
> Since it is called by firefox and freinds lots of leaks need to be
> dontaudited
>
> seunshare needs setuid, dav_override and sys_admin to mount /home
> and /tmp
>
> sends syslog messages
>
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 7+ messages in thread
* [refpolicy] apps_seunshare.patch
@ 2009-11-12 20:54 Daniel J Walsh
2009-12-01 15:32 ` Christopher J. PeBenito
0 siblings, 1 reply; 7+ messages in thread
From: Daniel J Walsh @ 2009-11-12 20:54 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_seunshare.patch
Fixes for seunshare policy
seunshare needs to be killable by calling apps
Since it is called by firefox and freinds lots of leaks need to be dontaudited
seunshare needs setuid, dav_override and sys_admin to mount /home and /tmp
sends syslog messages
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2010-08-26 22:42 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-08-28 20:16 [refpolicy] apps_seunshare.patch Daniel J Walsh
2009-09-28 19:55 ` Christopher J. PeBenito
2009-11-12 20:54 Daniel J Walsh
2009-12-01 15:32 ` Christopher J. PeBenito
2010-02-23 21:32 Daniel J Walsh
2010-06-02 20:13 Daniel J Walsh
2010-08-26 22:42 Daniel J Walsh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.