Allow fsadm_t to look at console_device
Dontaudit system_crond_t looking at removable_t.  We are removing access 
to removable_t devices from userspace for mls
policy to help get lspp approval.

Allow getty to run pppd


initrc needs to write to default_t while booting.

Change insmod to nscd_client_domain

Apm needs more access to proc_t

Lots of fixes for cvs domain.

Cyrus needs access to mail spool directotry

Add disable booleans to evolution and thunderbird.  (Both are still a 
pain to run under strict policy.  OpenOffice launch is painfull)

Hal needs to run umount

Hotplug requires sys_rawio

Kudzu needs additional access

Mailer needs to getattr random devices

Network manager needs to communicate with userspace via dbus.
Also needs read access to dhcpc info

remove user_ping boolean from targeted policy (not used)

Lots of fixes for pppd and added pptp domain

Squid and windbind_helper need to communicate

udev needs sys_rawio, and to be able to write to sysfs_t

Additional rules to get vpnc to run under strict policy

Open office has some more texrel_shlib_t files

Add hugetlbfs and mqueue file systems

Many fixes for strict policy gnome, gnome_vfs, thunderbird, evolution

Add isakmp_port for vpnc

Remove user_can_mount tunable.















--