nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c2f056b2f6
selinux-refpolicy/policy
History
Dominick Grift c2f056b2f6 Implement mcs_constrained_type 
This process is not allowed to interact with subjects or operate on
objects that it would otherwise be able to interact with or operate on
respectively.

This is, i think, to make sure that specified processes cannot interact
with subject or operate on objects regardless of its mcs range.

It is used by svirt and probably also by sandbox

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
2012-11-28 16:12:25 -05:00
..
flask Rename epollwakeup capability2 permission to block_suspend to match the 2012-07-25 09:01:55 -04:00
modules Implement mcs_constrained_type 2012-11-28 16:12:25 -05:00
support Add optional file name to filetrans_pattern. 2011-11-02 08:48:25 -04:00
constraints Allow user and role changes on dynamic transitions with the same constraints as regular transitions. 2011-09-02 09:59:26 -04:00
global_booleans Move secure_mode_policyload into selinux module as that is the only place it is used. 2011-09-26 09:53:23 -04:00
global_tunables Rename allow_console tunable to console_login. 2011-01-14 11:44:42 -05:00
mcs Implement mcs_constrained_type 2012-11-28 16:12:25 -05:00
mls SEPostgresql changes from Kohei KaiGai. 2012-05-18 09:28:18 -04:00
policy_capabilities trunk: update policycaps comments for sock_file open perm. 2009-07-01 13:34:54 +00:00
users Typo in policy/users 2009-12-18 08:51:58 -05:00