On Tuesday 18 December 2007 10:14:41 am Stephen Smalley wrote:
> On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote:
> > Thoughts? Should I just forget all this and use the peer label as a
> > subject label?
>
> I'm not certain what we gain by using the peer as the object and class
> in these che
On Tue, 2007-12-18 at 08:59 -0500, Paul Moore wrote:
> On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
> > On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
> > > We should probably have different permissions for the interface and node
> > > cases. Take the example of an admin who
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
> On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
> > We should probably have different permissions for the interface and node
> > cases. Take the example of an admin who is only interested in enforcing
> > interface controls and no
On Monday 17 December 2007 3:05:37 pm Stephen Smalley wrote:
> On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
> > On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
> > > This patch implements packet ingress/egress controls for SELinux which
> > > allow SELinux security policy to control
On Sun, 2007-12-16 at 11:47 -0500, Paul Moore wrote:
> On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
> > This patch implements packet ingress/egress controls for SELinux which
> > allow SELinux security policy to control the flow of all IPv4 and IPv6
> > packets into and out of the system
On Friday 14 December 2007 4:51:29 pm Paul Moore wrote:
> This patch implements packet ingress/egress controls for SELinux which
> allow SELinux security policy to control the flow of all IPv4 and IPv6
> packets into and out of the system. Currently SELinux does not have proper
> control over forw
This patch implements packet ingress/egress controls for SELinux which allow
SELinux security policy to control the flow of all IPv4 and IPv6 packets into
and out of the system. Currently SELinux does not have proper control over
forwarded packets and this patch corrects this problem.
Special tha