selinux August 2009 archive
Main Archive Page > Month Archives  > selinux archives
selinux: [PATCH 0/2] Policy support for the new TUN hooks

[PATCH 0/2] Policy support for the new TUN hooks

From: Paul Moore <paul.moore_at_nospam>
Date: Fri Aug 28 2009 - 21:13:00 GMT
To: selinux@tycho.nsa.gov, refpolicy@oss1.tresys.com


Second, and hopefully final, version of the SELinux policy for the new TUN hooks. This version includes all the feedback from Chris discussed on the list as well as my sign-off.

---

Paul Moore (2): refpol: Policy for the new TUN driver access controls refpol: Add the "tun_socket" object class flask definitions policy/flask/access_vectors | 2 ++ policy/flask/security_classes | 2 ++ policy/modules/admin/vpn.te | 1 + policy/modules/apps/qemu.if | 3 +++ policy/modules/apps/uml.te | 6 ++++++ policy/modules/services/openvpn.te | 1 + policy/modules/services/virt.if | 19 +++++++++++++++++++ policy/modules/services/virt.te | 1 + policy/modules/system/userdomain.if | 23 +++++++++++++++++++++++  policy/modules/system/userdomain.te | 2 ++  10 files changed, 60 insertions(+), 0 deletions(-)

--

This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.