From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mummy.ncsc.mil (mummy.ncsc.mil [144.51.88.129]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id m5HCogpc000573 for ; Tue, 17 Jun 2008 08:50:42 -0400 Received: from icweb02oc.mail2world.com (jazzhorn.ncsc.mil [144.51.5.9]) by mummy.ncsc.mil (8.12.10/8.12.10) with ESMTP id m5HCofF0004866 for ; Tue, 17 Jun 2008 12:50:42 GMT From: "T S" To: Subject: Question about XACE/X-SELinux Date: Tue, 17 Jun 2008 05:50:17 -0700 Message-ID: <07a701c8d078$b15798a0$046a010a@mail2world.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_07A8_01C8D03E.04F8C0A0" Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov This is a multi-part message in MIME format. ------=_NextPart_000_07A8_01C8D03E.04F8C0A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Hello, I just want to try functionalities X-SELinux, such as prohibiting cut and paste. Since the below changelog(URL) says X-SELinux functionalities are turned off by default, I think I need to turn on at first. I appreciate someone tell me how to turn on. > http://lwn.net/Articles/283539/ I am using Fedora Core9, xorg-server-Xorg-1.4.99.902-3.20080612, and GNOME( meaning just after FC9 and yum update). I thought X-SELinux functionalities are turned on by default in FC9, so I tried the below steps. 1) setsebool xserver_object_manager=true 2) insert loadable module like below. because I was expecting some avc logs were generated if I tried cut and paste. > policy_module(test, 1.0.0) > gen_require(` > attribute domain; > class x_synthetic_event { send receive }; >') >auditallow domain domain:x_synthetic_event {send receive}; 3) setenforce 1 4) reboot GNOME( init 3 and init 5) 5) trying cut&paste from a window to others. No avclogs are found. Only found "Loading extension SELinux" in /var/log/Xorg.0.org. I appreciate someone tell me what I am missing here. Regards, K Need cash? Click to get an emergency loan, bad credit ok

_______________________________________________________________
Get the FREE email that has everyone talking at http://www.mail2world.com
Unlimited Email Storage – POP3 – Calendar – SMS – Translator – Much More! ------=_NextPart_000_07A8_01C8D03E.04F8C0A0 Content-Type: text/html Content-Transfer-Encoding: 7bit Hello,

I just want to try functionalities X-SELinux, such as prohibiting cut and paste.
Since the below changelog(URL) says X-SELinux functionalities are turned off by default,
I think I need to turn on at first.
I appreciate someone tell me how to turn on.
> http://lwn.net/Articles/283539/

I am using Fedora Core9, xorg-server-Xorg-1.4.99.902-3.20080612,
and GNOME( meaning just after FC9 and yum update).

I thought X-SELinux functionalities are turned on by default in FC9,
so I tried the below steps.
1) setsebool xserver_object_manager=true
2) insert loadable module like below. because I was expecting
some avc logs were generated if I tried cut and paste.

> policy_module(test, 1.0.0)
> gen_require(`
> attribute domain;
> class x_synthetic_event { send receive };
>')
>auditallow domain domain:x_synthetic_event {send receive};

3) setenforce 1
4) reboot GNOME( init 3 and init 5)
5) trying cut&paste from a window to others. No avclogs are found.
Only found "Loading extension SELinux" in /var/log/Xorg.0.org.

I appreciate someone tell me what I am missing here.

Regards,
K



_______________________________________________________________
Get the FREE email that has everyone talking at http://www.mail2world.com
Unlimited Email Storage – POP3 – Calendar – SMS – Translator – Much More! ------=_NextPart_000_07A8_01C8D03E.04F8C0A0-- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.