[refpolicy] Milter Mail Filters
Christopher J. PeBenito
cpebenito at tresys.com
Mon Nov 24 08:11:40 CST 2008
On Mon, 2008-11-17 at 10:05 -0500, Paul Howarth wrote:
> Updated patch attached with TCP socket support removed.
Last question
> Index: policy/modules/services/mta.te
> ===================================================================
> --- policy/modules/services/mta.te (revision 2878)
> +++ policy/modules/services/mta.te (working copy)
> @@ -116,6 +116,9 @@
>
> domain_use_interactive_fds(system_mail_t)
>
> + # newaliases runs as system_mail_t when the sendmail initscript does a restart
> + milter_getattr_all_sockets(system_mail_t)
> +
> # postfix needs this for newaliases
> files_getattr_tmp_dirs(system_mail_t)
Why is this bit in the optional_policy for postfix instead of its own
optional_policy at the top level?
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
More information about the refpolicy
mailing list