AVC messages at boot and kdm login (latest Rawhide)
Paul Nasrat
pauln at truemesh.com
Thu Mar 11 16:37:27 UTC 2004
On Thu, Mar 11, 2004 at 11:17:49AM -0500, Bill Nottingham wrote:
> Russell Coker (russell at coker.com.au) said:
> > How does /dev/input really work? As I understand it event0 could be a
> > keyboard or a mouse. So maybe we want a separate type for this so that when
> > using gpm it can access it, but when the user is granted direct mouse access
> > they can't read the keyboard directly.
> >
> > Does this make sense?
>
> X will need access to eventX as well.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=117369
I guess that init 5 is ok as that is running under
system_r:xdm_xserver_t so we can set that up as with gpm.
A user starts user_xserver_t, I'm still finding my feet around policy
is this enough to restrict by type.
Paul
More information about the fedora-selinux-list
mailing list