On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
We should probably have different permissions for the interface and node
cases. Take the example of an admin who is only interested in enforcing
interface controls and not node
On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote:
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
We should probably have different permissions for the interface and node
cases. Take the example of an admin who is only
On Tuesday 18 December 2007 10:14:41 am Stephen Smalley wrote:
On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote:
Thoughts? Should I just forget all this and use the peer label as a
subject label?
I'm not certain what we gain by using the peer as the object and class
in these checks,
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
This patch implements packet ingress/egress controls for SELinux which
allow SELinux security policy to control the
On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
This patch implements packet ingress/egress controls for SELinux which
allow SELinux security policy to control the flow of all IPv4 and IPv6
packets into and out of the system. Currently SELinux does not have proper
control over