[redhat-lspp] [PATCH 2/3] Re: MLS enforcing PTYs, sshd, and newrole
James Antill
james.antill at redhat.com
Mon Oct 30 20:16:34 UTC 2006
On Mon, 2006-10-30 at 15:03 -0500, James Antill wrote:
> On Fri, 2006-10-27 at 14:38 -0400, Stephen Smalley wrote:
>
> > Look at Darrel's patch for mcstransd to apply a permission check between
> > the level of the caller and the level being translated for context
> > translations.
>
> Thanks to much discussion with Dan and Stephen, I'm pretty sure I have
> this correct now.
Here is the reference policy part of the patches (libselinux came
previously and PAM is next).
--
James Antill - <james.antill at redhat.com>
setsockopt(fd, IPPROTO_TCP, TCP_CONGESTION, ...);
setsockopt(fd, IPPROTO_TCP, TCP_DEFER_ACCEPT, ...);
setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, ...);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policy-pam-range-checking.patch
Type: text/x-patch
Size: 1074 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061030/1645adcf/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061030/1645adcf/attachment.sig>
More information about the redhat-lspp
mailing list