* [refpolicy] apps_podsleuth.patch
@ 2009-03-05 16:17 Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2009-03-05 16:17 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch
Additonal file contexts
podsleauth wants to send a signal to who ever runs the app
Add run interface
Uses tmp and cache files. additional capabilities and processe
Connects to http port
uses dos, nfs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmv+wUACgkQrlYvE4MpobMAKACgtsMWxEGYw49I7LkllTmoOWyR
cloAnRIu1/FhcyzA67NkDApNpMQEvRH5
=NErQ
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2010-08-26 22:40 Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:40 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_podsleuth.patch
Podsleuth sends signull to users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx27U0ACgkQrlYvE4MpobOOggCfeGn1tXGMqxNvB1fOhG67e01y
Ml8AnRMD6ISRLCAduvb1WaIAVMSv+q/5
=jTq6
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
2010-06-02 20:09 Daniel J Walsh
@ 2010-06-22 13:02 ` Christopher J. PeBenito
0 siblings, 0 replies; 10+ messages in thread
From: Christopher J. PeBenito @ 2010-06-22 13:02 UTC (permalink / raw)
To: refpolicy
On Wed, 2010-06-02 at 16:09 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_podsleuth.patch
>
> podsleuth asks the kernel to load modules
> Reads/write removable blk device.
>
> Reads user_tmpfs
Merged.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2010-06-02 20:09 Daniel J Walsh
2010-06-22 13:02 ` Christopher J. PeBenito
0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2010-06-02 20:09 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_podsleuth.patch
podsleuth asks the kernel to load modules
Reads/write removable blk device.
Reads user_tmpfs
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2010-02-23 19:30 Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2010-02-23 19:30 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F13/apps_podsleuth.patch
podsleuth asks the kernel to load modules
Reads writes removable_t (ipods)
Reads tmpfs files created by the user.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
2009-11-12 20:48 Daniel J Walsh
@ 2009-12-01 15:32 ` Christopher J. PeBenito
0 siblings, 0 replies; 10+ messages in thread
From: Christopher J. PeBenito @ 2009-12-01 15:32 UTC (permalink / raw)
To: refpolicy
On Thu, 2009-11-12 at 15:48 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_podsleuth.patch
>
> podsleauth sends a signal to the userdomain.
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2009-11-12 20:48 Daniel J Walsh
2009-12-01 15:32 ` Christopher J. PeBenito
0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2009-11-12 20:48 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_podsleuth.patch
podsleauth sends a signal to the userdomain.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
2009-07-21 14:11 ` Christopher J. PeBenito
@ 2009-07-21 14:50 ` Daniel J Walsh
0 siblings, 0 replies; 10+ messages in thread
From: Daniel J Walsh @ 2009-07-21 14:50 UTC (permalink / raw)
To: refpolicy
On 07/21/2009 10:11 AM, Christopher J. PeBenito wrote:
> On Thu, 2009-05-21 at 11:03 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch
>>
>> Lots of policy fixes for podsleuth.
>>
>> Add interface to run podsleuth within a role
>>
>> podsleuth uses tmpfs, tmp and cache
>>
>> Needs to deal with nfs and dos file systems
>>
>> Can be started by dbus, runs as a mono app
>
> Merged except for the nfs and raw disk access, for which I need
> additional explanation.
>
I agree remove the raw disk, I will also.
In RHEL5 and probably older versions of Fedora, we labeled
genfscon hfs / gen_context(system_u:object_r:nfs_t,s0)
genfscon hfsplus / gen_context(system_u:object_r:nfs_t,s0)
These have been changed to dosfs_t, so I think you can ignore both and I will remove them.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
2009-05-21 15:03 Daniel J Walsh
@ 2009-07-21 14:11 ` Christopher J. PeBenito
2009-07-21 14:50 ` Daniel J Walsh
0 siblings, 1 reply; 10+ messages in thread
From: Christopher J. PeBenito @ 2009-07-21 14:11 UTC (permalink / raw)
To: refpolicy
On Thu, 2009-05-21 at 11:03 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch
>
> Lots of policy fixes for podsleuth.
>
> Add interface to run podsleuth within a role
>
> podsleuth uses tmpfs, tmp and cache
>
> Needs to deal with nfs and dos file systems
>
> Can be started by dbus, runs as a mono app
Merged except for the nfs and raw disk access, for which I need
additional explanation.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 10+ messages in thread
* [refpolicy] apps_podsleuth.patch
@ 2009-05-21 15:03 Daniel J Walsh
2009-07-21 14:11 ` Christopher J. PeBenito
0 siblings, 1 reply; 10+ messages in thread
From: Daniel J Walsh @ 2009-05-21 15:03 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F11/apps_podsleuth.patch
Lots of policy fixes for podsleuth.
Add interface to run podsleuth within a role
podsleuth uses tmpfs, tmp and cache
Needs to deal with nfs and dos file systems
Can be started by dbus, runs as a mono app
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2010-08-26 22:40 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-03-05 16:17 [refpolicy] apps_podsleuth.patch Daniel J Walsh
2009-05-21 15:03 Daniel J Walsh
2009-07-21 14:11 ` Christopher J. PeBenito
2009-07-21 14:50 ` Daniel J Walsh
2009-11-12 20:48 Daniel J Walsh
2009-12-01 15:32 ` Christopher J. PeBenito
2010-02-23 19:30 Daniel J Walsh
2010-06-02 20:09 Daniel J Walsh
2010-06-22 13:02 ` Christopher J. PeBenito
2010-08-26 22:40 Daniel J Walsh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.