FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 11-12-2011, 07:18 AM
Kohei KaiGai
 
Default incorrect type transition rules in fedora policy

Hi, I noticed the selinux-policy of Fedora is not updated to the
latest upstream refpolicy in type_transition rules.

The attached file is a diff set of services/postgresql.te between the
upstream and selinux-policy-3.10.0-55.
It drops the following type_transition rules:

type_transition postgresql_t sepgsql_database_type:db_schema sepgsql_schema_t;
type_transition postgresql_t sepgsql_schema_type:db_table sepgsql_sysobj_t;
type_transition postgresql_t sepgsql_schema_type:db_sequence sepgsql_seq_t;
type_transition postgresql_t sepgsql_schema_type:db_view sepgsql_view_t;
type_transition postgresql_t sepgsql_schema_type:db_procedure
sepgsql_proc_exec_t;

And, it defines the rules incorrectly.
-type_transition sepgsql_admin_type sepgsql_schema_type:db_sequence
sepgsql_seq_t;
+type_transition sepgsql_admin_type sepgsql_schema_type:db_schema sepgsql_seq_t;

-type_transition sepgsql_admin_type sepgsql_schema_type:db_view sepgsql_view_t;
+type_transition sepgsql_admin_type sepgsql_view_type:db_view sepgsql_view_t;

Please fix them. Thanks,
--
KaiGai Kohei <kaigai@kaigai.gr.jp>
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 09:17 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org