On Thu, 2006-10-19 at 09:30 -0400, Stephen Smalley wrote: > pam_selinux used to have support to let the user pick from the list of > reachable contexts for the user. So you could just restore that > support.
So, in summary of the discussion, having pam_selinux let the user pick the TE and Sensitivity separately (much as it does now if get_ordered_context_list_with_level() fails) is the valid approach? > That doesn't address sshd though. Or gdm. sshd shouldn't be too > difficult. Combined with adding similar code to sshd. > There were some externally developed gdm patches for selinux > that enabled context selection long ago, but nothing recent > (pre-Fedora). But, from the "gdm/trsuted-X needs lots more work" discussion, gdm should just stay with the default Sensitivity and people can use a terminal+ssh to change levels? -- James Antill <[EMAIL PROTECTED]>
signature.asc
Description: This is a digitally signed message part
-- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
