rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity
2,969 Commits 8 Branches 92 Tags 37 MiB
0dacd040c3
Commit Graph

14 Commits

Author SHA1 Message Date
Dan Walsh
3a2e888584 cleanup mmap_low merge with upstream 2010-09-01 14:55:04 -04:00
Dan Walsh
cbadf720ba Merge branch 'master' of http://oss.tresys.com/git/refpolicy 
Conflicts:
	policy/modules/kernel/domain.if
	policy/modules/services/xserver.te
 2010-09-01 14:11:18 -04:00
Dominick Grift
623e4f0885 1/1] Make the ability to mmap zero conditional where this is fapplicable. 
Retry: forgot to include attribute mmap_low_domain_type attribute to domain_mmap_low()	:

Inspired by similar implementation in Fedora.
Wine and vbetool do not always actually need the ability to mmap a low area of the address space.
In some cases this can be silently denied.

Therefore introduce an interface that facilitates "mmap low" conditionally, and the corresponding boolean.
Also implement booleans for wine and vbetool that enables the ability to not audit attempts by wine and vbetool to mmap a low area of the address space.

Rename domain_mmap_low interface to domain_mmap_low_uncond.

Change call to domain_mmap_low to domain_mmap_low_uncond for xserver_t. Also move this call to distro redhat ifndef block because Redhat does not need this ability.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-09-01 09:41:56 -04:00
Dan Walsh
c71f02c02d More fixes 2010-08-30 11:15:53 -04:00
Dan Walsh
3eaa993945 UPdate for f14 policy 2010-08-26 09:41:21 -04:00
Dominick Grift
03b86663f0 apps: domain { allowed to transition, allowed access, to not audit }. 
Signed-off-by: Dominick Grift <domg472@gmail.com>
 2010-08-05 08:20:59 -04:00
Chris PeBenito
a7ee7f819a Docs standardizing on the role portion of run interfaces. Additional docs cleanup. 2010-08-03 09:20:22 -04:00
Chris PeBenito
a72e42f485 Interface documentation standardization patch from Dan Walsh. 2010-08-02 09:22:09 -04:00
Chris PeBenito
1db1836ab9 Remove improper usage of userdom_manage_home_role(), userdom_manage_tmp_role(), and userdom_manage_tmpfs_role(). 2010-07-06 13:17:05 -04:00
Chris PeBenito
4796d07ee0 Wine patch from Dan Walsh. 2010-02-19 09:17:51 -05:00
Chris PeBenito
296273a719 trunk: merge UBAC. 2008-11-05 16:10:46 +00:00
Chris PeBenito
8a9d6f6449 trunk: 6 patches from dan. 2007-09-07 13:41:20 +00:00
Chris PeBenito
c0868a7a3b merge policy patterns to trunk 2006-12-12 20:08:08 +00:00
Chris PeBenito
17de1b790b remove extra level of directory 2006-07-12 20:32:27 +00:00