... is not a valid context
Stephen Smalley
sds at tycho.nsa.gov
Wed Aug 10 16:05:47 UTC 2005
On Wed, 2005-08-10 at 11:57 -0400, Stephen Smalley wrote:
> Doesn't look like limited_user_role() adds a:
> role $1_r types $1_t;
> statement to authorize the role for the type.
Looks like the corresponding statement for full_user_role() is pushed
all the way down to user_domain(). Likely should be brought up to
limited_user_role() and thereby included in both limited_user_role() and
full_user_role() at that level.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list