[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pegasus

To: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
Subject: Re: pegasus
From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
Date: Mon, 24 Oct 2005 11:13:48 -0400
Cc: SELinux Mail List <selinux@xxxxxxxxxxxxx>
In-reply-to: <1130017523.10739.83.camel@xxxxxxxxxxxxxxxxxxxxxxx>
References: <1130017523.10739.83.camel@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: Mail/News 1.4.1 (X11/20051008)

Christopher J. PeBenito wrote:

While converting the pegasus policy over to reference policy, I came
across this peculiar use types and rules:

type pegasus_conf_exec_t, file_type, exec_type, sysadmfile;

rw_dir_create_file(pegasus_conf_exec_t, pegasus_conf_t)

This is the only use of pegasus_conf_exec_t, and is obvious that it
doesn't have an effect.  There is a pegasus_conf_t, but it also is a
file_type, used for the configuration files.  My guess is that the
original intention was to make a domain for pegasus configuration
programs, but it went awry.

Yes, I am going to meet with the developer of the policy and see what heintended. For now I would eliminate them from policy.


--



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

References:
- pegasus
  - From: Christopher J. PeBenito

Prev by Date: Re: [ SEMANAGE ] Resync to sepol changes
Next by Date: Re: capability audit_write, audit_control
Previous by thread: pegasus
Next by thread: [ SEMANAGE 2 ] Fix dbase transactions
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.