[redhat-lspp] Re: RHEL5 Kernel with labeled networking
Kris Wilson
krisw at us.ibm.com
Thu Oct 5 20:59:48 UTC 2006
redhat-lspp-bounces at redhat.com wrote on 10/04/2006 12:57:45 PM:
> On Wed, 2006-10-04 at 13:51 -0400, Eric Paris wrote:
> > setsockcreate i believe is already there....
>
> but not defined in policy (flask/access_vectors) so no one can use it in
> policy (but the kernel will deny it unless your allow rule implicitly
> grants it via a * or a set complement).
Are there plans to add this to the policy?
More information about the redhat-lspp
mailing list