Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Gentoo Hardened (http://www.linux-archive.org/gentoo-hardened/)
-   -   SELinux base policy 2.20120725 rev 1 in hardened-dev overlay (http://www.linux-archive.org/gentoo-hardened/688334-selinux-base-policy-2-20120725-rev-1-hardened-dev-overlay.html)

Sven Vermeulen 07-28-2012 09:31 AM

SELinux base policy 2.20120725 rev 1 in hardened-dev overlay
 
Hi girls & guys,

Revision 1 of the 2.20120725 policy is now in the hardened-dev overlay. It
contains the following fixes:

<no bug> Large update on browser support: alsa, java, introduce flash, xdg
<no bug> Merge of 2.20120726 (bumping of module versions and coding style updates)
<no bug> Backport: rename epollwakeup to block_suspend to match naming in Linux 3.5
<no bug> Backport changes for nslcd
#427750 Allow init to create /run/mysqld directoriy
<no bug> Add fifo_file access for mozilla_t to mozilla_tmp_t (needed for icedtea-appletviewer-to-plugin)
#412637 Add in policy for chromium

Wkr,
Sven Vermeulen

"Paweł Hajdan, Jr." 07-31-2012 02:52 PM

SELinux base policy 2.20120725 rev 1 in hardened-dev overlay
 
On 7/28/12 11:31 AM, Sven Vermeulen wrote:
> #412637 Add in policy for chromium

Just a note from one of chromium maintainers here: please give it a try
even if you don't use chromium as your main browser. Writing policies
for client-side software is not really easy, so the more systems this
can be tested on, the better (that includes users' expectations).

Thanks,
Paweł

Sven Vermeulen 07-31-2012 07:51 PM

SELinux base policy 2.20120725 rev 1 in hardened-dev overlay
 
On Tue, Jul 31, 2012 at 04:52:24PM +0200, "Paweł Hajdan, Jr." wrote:
> On 7/28/12 11:31 AM, Sven Vermeulen wrote:
> > #412637 Add in policy for chromium
>
> Just a note from one of chromium maintainers here: please give it a try
> even if you don't use chromium as your main browser. Writing policies
> for client-side software is not really easy, so the more systems this
> can be tested on, the better (that includes users' expectations).

For those interested, the current policy (the one that will be in rev 2 as
it contains a few minor changes still) can also be seen online at
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=blob;f=policy/modules/contrib/chromium.te

Wkr,
Sven Vermeulen


All times are GMT. The time now is 02:48 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.