Daniel J Walsh
dwalsh at redhat.com
Thu Feb 18 11:57:01 CST 2010
On 02/18/2010 11:32 AM, Christopher J. PeBenito wrote:
> On Wed, 2010-02-17 at 10:54 -0500, Daniel J Walsh wrote:
>> Updated patches including ifndef redhat to remove all the old cruft caused by the per_role_template in ancient policy.
> These don't look updated; I don't see any ifndef.
>> staff - Add setexec so it can use sandbox
>> Allow it to read kernel state.
>> Allow it to use rtkit
>> Lots of real world access required by staff_usertype.
>> Also allow staff_t to transition to unconfined_t through sudo.
More information about the refpolicy