Index: policy/flask/access_vectors
===================================================================
--- policy/flask/access_vectors	(revision 2065)
+++ policy/flask/access_vectors	(working copy)
@@ -635,4 +635,5 @@
 class context
 {
 	translate
+	transition
 }
Index: policy/modules/system/authlogin.if
===================================================================
--- policy/modules/system/authlogin.if	(revision 2065)
+++ policy/modules/system/authlogin.if	(working copy)
@@ -278,6 +278,9 @@
 	allow $2 $1:fd use;
 	allow $2 $1:fifo_file rw_file_perms;
 	allow $2 $1:process sigchld;
+
+        # Check MLS Range
+        allow $1 domain:context transition;
 ')
 
 ########################################
Index: policy/mls
===================================================================
--- policy/mls	(revision 2065)
+++ policy/mls	(working copy)
@@ -596,4 +596,7 @@
 mlsconstrain context translate
 	(( h1 dom h2 ) or ( t1 == mlstranslate ));
 
+mlsconstrain context transition
+	( h1 dom h2 );
+
 ') dnl end enable_mls