[refpolicy] flask_access_vectors.patch

Christopher J. PeBenito cpebenito at tresys.com
Wed Oct 8 14:49:25 CDT 2008


On Mon, 2008-10-06 at 17:10 -0400, Steve Grubb wrote:
> On Monday 06 October 2008 03:52:11 pm Daniel J Walsh wrote:
> > Christopher J. PeBenito wrote:
> > > On Wed, 2008-09-24 at 16:53 -0400, Daniel J Walsh wrote:
> > >> http://people.fedoraproject.org/~dwalsh/SELinux/F10/flask_access_vectors
> > >>.patch
> > >>
> > >> Add nlmsg_tty_audit for netlink_audit_socket.
> > >
> > > Is there a reference for this?  I don't remember seeing anything on the
> > > main SELinux list.
> >
> > This comes from the new auditing keystroke patch to the kernel. Not sure
> > if this was talked about on selinux or just audit list.
> >
> > Added sgrubb since I am not sure he is on the refpolicy list.
> 
> No I am not on that list. I sent a patch
> 
> http://article.gmane.org/gmane.comp.security.selinux/6759
> 
> a long time ago allowing better control of TTY audit because the alternative 
> is to allow setting audit rules on processes that we only need to send tty 
> info. So, this should reduce the capabilities required for some processes and 
> keep the audit system better protected. 
> 
> This is a more detailed description of what the audit side is:
> 
> https://www.redhat.com/archives/linux-audit/2007-June/msg00000.html
> 
> Everything is in place to use this except SE Linux policy.

So the permission is in Linus' tree? or James'?

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



More information about the refpolicy mailing list