subject:"\[RFC PATCH v8 18\/18\] SELinux\: Add network ingress and egress control permission checks"

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-18 Thread Paul Moore

On Tuesday 18 December 2007 10:14:41 am Stephen Smalley wrote: > On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote: > > Thoughts? Should I just forget all this and use the peer label as a > > subject label? > > I'm not certain what we gain by using the peer as the object and class > in these che

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-18 Thread Stephen Smalley

On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote: > On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote: > > On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote: > > > We should probably have different permissions for the interface and node > > > cases. Take the example of an admin who

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-18 Thread Paul Moore

On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote: > On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote: > > We should probably have different permissions for the interface and node > > cases. Take the example of an admin who is only interested in enforcing > > interface controls and no

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-17 Thread Paul Moore

On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote: > On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote: > > On Friday 14 December 2007 4:51:29 pm Paul Moore wrote: > > > This patch implements packet ingress/egress controls for SELinux which > > > allow SELinux security policy to control

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-17 Thread Stephen Smalley

On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote: > On Friday 14 December 2007 4:51:29 pm Paul Moore wrote: > > This patch implements packet ingress/egress controls for SELinux which > > allow SELinux security policy to control the flow of all IPv4 and IPv6 > > packets into and out of the system

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-16 Thread Paul Moore

On Friday 14 December 2007 4:51:29 pm Paul Moore wrote: > This patch implements packet ingress/egress controls for SELinux which > allow SELinux security policy to control the flow of all IPv4 and IPv6 > packets into and out of the system. Currently SELinux does not have proper > control over forw

[RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

2007-12-14 Thread Paul Moore

This patch implements packet ingress/egress controls for SELinux which allow SELinux security policy to control the flow of all IPv4 and IPv6 packets into and out of the system. Currently SELinux does not have proper control over forwarded packets and this patch corrects this problem. Special tha

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

Re: [RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

[RFC PATCH v8 18/18] SELinux: Add network ingress and egress control permission checks

7 matches

Site Navigation

Mail list logo

Footer information