[policy-1.9-5] VNC module in X AVC
Russell Coker
russell at coker.com.au
Sun Mar 21 02:56:20 UTC 2004
On Sun, 21 Mar 2004 13:48, Aleksey Nogin <aleksey at nogin.org> wrote:
> On 20.03.2004 18:24, Russell Coker wrote:
> > If so we need to
> > get /etc/services corrected, and to have the port labeled as
> > xserver_port_t.
>
> This might be reasonable - to reserve :0 for X and force Xvnc (which
> might be started by users) use higher display numbers.
In what situations would users need to start their own VNC servers?
What exactly does Xvnc do? Does it do the same sort of stuff as when the user
runs "startx" but for remote display only? If so we need a user_vnc_t domain
for it etc.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list