RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy/modules/kernel
History
Chris PeBenito f497b8df50 Christopher J. PeBenito wrote: 
> We could add another 'or' on the above constraint:
> 
> or ( (t2 == mlsfilewrite_in_range) and (l1 dom l2) and (h1 domby h2) )
> 
> I believe that would be the constraint you were looking for.  I don't
> like the name of that attribute, but I couldn't come up with a better
> one off the top of my head. :)
> 

Attached is a patch which I've tested against selinux-policy-2.4.2-1
that implements this additional constraint.  The name is still a bit
forced, but it works.

-matt <mra at hp dot com>
 		2006-11-01 15:42:22 +00:00
..
corecommands.fc patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
corecommands.if fix up corecommands perm sets, add seutil_manage_config_dirs() 2006-10-27 13:55:35 +00:00
corecommands.te patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
corenetwork.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
corenetwork.if.in merge netlabel stuff from labeled-networking branch 2006-10-17 16:58:17 +00:00
corenetwork.if.m4 gentoo testing fixes 2006-09-19 17:02:29 +00:00
corenetwork.te.in patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
corenetwork.te.m4 fix corenetwork so the ifdef enable_mls survives to regular processing. 2006-09-29 17:37:57 +00:00
devices.fc patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
devices.if fix build error 2006-09-29 14:24:57 +00:00
devices.te Christopher J. PeBenito wrote: 2006-11-01 15:42:22 +00:00
domain.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
domain.if add main part of role-o-matic 2006-09-06 22:07:25 +00:00
domain.te bump versions to release numbers 2006-10-18 19:25:27 +00:00
files.fc patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
files.if patch from dan Mon, 25 Sep 2006 15:46:40 -0400 2006-09-28 14:37:29 +00:00
files.te patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
filesystem.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
filesystem.if patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
filesystem.te patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
kernel.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
kernel.if merge netlabel stuff from labeled-networking branch 2006-10-17 16:58:17 +00:00
kernel.te bump versions to release numbers 2006-10-18 19:25:27 +00:00
mcs.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
mcs.if add main part of role-o-matic 2006-09-06 22:07:25 +00:00
mcs.te bump versions to release numbers 2006-10-18 19:25:27 +00:00
metadata.xml remove extra level of directory 2006-07-12 20:32:27 +00:00
mls.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
mls.if Christopher J. PeBenito wrote: 2006-11-01 15:42:22 +00:00
mls.te Christopher J. PeBenito wrote: 2006-11-01 15:42:22 +00:00
selinux.fc remove extra level of directory 2006-07-12 20:32:27 +00:00
selinux.if add main part of role-o-matic 2006-09-06 22:07:25 +00:00
selinux.te bump versions to release numbers 2006-10-18 19:25:27 +00:00
storage.fc patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
storage.if patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
storage.te patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
terminal.fc - Move range transitions to modules. 2006-10-04 17:25:34 +00:00
terminal.if patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00
terminal.te patch from dan Tue, 24 Oct 2006 11:00:28 -0400 2006-10-31 21:01:48 +00:00