Fixed assert.te to allow unrestricted domains full access.

Added httpd_unconfined_t so that if a user has a script that can not run 
under SELinux protection, he can label just this script
with httpd_unconfined_script_t and it will run in an unconfined domain.  
The rest of the scripts and httpd itself will run under
normal apache policy. I am not sure if we want this protected via a 
boolean or not.  The user has to set httpd_unconfined_script_t on
a script for it to take place.  Maybe should be placed under a boolean.  
This is better than the current solution which is to turn off
protection for all of apache.

Merged in changes to get ready for name_connect.

Also added liberal allow rules for all domains that
have can_network or can_network_tcp.  Allowing them to connect to port_type.
I need help from people to go through these network controls and tighten 
them up.   IE we need to specify the only ports that
dhcp, or named or xserver etc can connect to.

Alot of port_type definitions need to be moved out of their individual 
te files into types/network.te

I also changed can_kerberos, can_portmap, can_resolv, can_ldap to use 
the named ports.

Dan

--