[refpolicy] apps_gpg.patch
Daniel J Walsh
dwalsh at redhat.com
Mon Jul 19 13:01:49 CDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/19/2010 01:45 PM, Christopher J. PeBenito wrote:
> On 07/13/10 08:15, Daniel J Walsh wrote:
>> On 07/06/2010 10:59 AM, Christopher J. PeBenito wrote:
>>> On 06/02/10 16:05, Daniel J Walsh wrote:
>>>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/apps_gpg.patch
>>>>
>>>> gpg dontaudit leaks.
>>>
>>> Merged.
>>>
>>>> Added policy so apache can execute gpg
>>>
>>> I don't understand this part. It seems more like it should be a domain
>>> in the apache module instead.
>>>
>> I guess we could go that way, but you need interfaces including
>> gpg_exec_t.
>
> How is this used? Is it run from a CGI script to check the signature or
> (en|de)crypt a file?
>
Yes and Yes, I think.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkxEkw0ACgkQrlYvE4MpobP5PQCghfRZmBU9jAJKqInOupTCscKj
QbkAoNE0YRTo7HSdry4fyyIG+JGlg+3r
=ObBx
-----END PGP SIGNATURE-----
More information about the refpolicy
mailing list