[refpolicy] [PATCH] network: Enable "network_peer_controls" and fix some remaining issues

Paul Moore paul.moore at hp.com
Tue Feb 3 14:23:31 CST 2009


On Tuesday 03 February 2009 11:33:10 am Christopher J. PeBenito wrote:
> On Mon, 2009-02-02 at 17:28 -0500, Paul Moore wrote:
> > plain text document attachment (network-in_out_basic)
> > We added the network_peer_controls capability back in Linux Kernel
> > 2.6.25 but didn't activate the capability because more work was
> > needed to ensure a smooth transition to the new controls.  This
> > patch enables the network_peer_controls capability and fixes a few
> > remaining issues with its use.  With this patch applied to the
> > Fedora Rawhide SELinux policy (selinux-policy-3.6.3-12.fc11) I am
> > able to interact with the machine over the network without any new
> > AVC denials.
>
> Merged, with some rearrangement.  I also plan on adding similar
> interfaces for all netifs and all nodes, for completeness.

Okay thanks.

-- 
paul moore
linux @ hp


More information about the refpolicy mailing list