[refpolicy] RFC: secure_mode_policyload revision

Russell Coker russell at coker.com.au
Fri Sep 23 09:53:54 CDT 2011


On Sat, 24 Sep 2011, "Christopher J. PeBenito" <cpebenito at tresys.com> wrote:
> Right now, secure_mode_policyload disables policy loading and Boolean
> changing.  The latter is to prevent secure_mode_policyload from being
> turned off.  I was thinking that secure_mode_policyload could be revised
> by labeling this Boolean, and then only removing access to it when
> secure_mode_policyload is enabled, so Booleans can still be toggled,
> except for secure_mode_policyload.  Thoughts?

Sounds good.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/


More information about the refpolicy mailing list