[refpolicy] In Fedora policy we have simplified the secure_mode_insmod

Daniel J Walsh dwalsh at redhat.com
Fri Sep 9 06:22:53 CDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Now this boolean controls sys_module, so we always transition but we
can turn off the ability to insert modules into the kernel.

This is much simpler then what we had before.

If you like this I have a similar patch for secure_mode_loadpolicy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5p9w0ACgkQrlYvE4MpobMcsgCeIu/qU3UgWNFw0cqiJJnziaS6
auUAnR7i9cIOrtDEbtZc546A6RN1Hohy
=QxNy
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: secure_mode_insmod.patch
Url: http://oss.tresys.com/pipermail/refpolicy/attachments/20110909/200af89b/attachment.pl 


More information about the refpolicy mailing list