From: Daniel J Walsh <dwalsh@redhat.com>
To: SE Linux <selinux@tycho.nsa.gov>, Eamon Walsh <ewalsh@tycho.nsa.gov>
Subject: Ok latest Xserver is in rawhide, and permissive mode seems to be working.
Date: Wed, 27 Feb 2008 15:31:25 -0500 [thread overview]
Message-ID: <47C5C89D.3060600@redhat.com> (raw)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Although policy seems to be a long way off.
Trying to get all of these to work correctly is going to be a bear.
#============= staff_mono_t ==============
allow staff_mono_t staff_default_xproperty_t:x_property read;
allow staff_mono_t staff_t:x_drawable { get_property read getattr
list_child receive add_child };
#============= staff_t ==============
allow staff_t default_xproperty_t:x_property read;
allow staff_t output_xext_t:x_extension use;
allow staff_t staff_mono_client_xevent_t:x_synthetic_event send;
allow staff_t staff_mono_default_xevent_t:x_event receive;
allow staff_t staff_mono_default_xproperty_t:x_property read;
allow staff_t staff_mono_manage_xevent_t:x_event receive;
allow staff_t staff_mono_property_xevent_t:x_event receive;
allow staff_t staff_mono_t:x_drawable { get_property hide setattr show
receive manage send getattr list_child set_property };
allow staff_t xdm_xserver_t:x_device force_cursor;
I will try unconfined_t next.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkfFyJ0ACgkQrlYvE4MpobNy4gCgkRXAr9bB8zjHRktlEDog0ubh
un0An1O8mTXE5m6sT5SIK0AmChGyDfNf
=M8z0
-----END PGP SIGNATURE-----
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
reply other threads:[~2008-02-27 20:31 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47C5C89D.3060600@redhat.com \
--to=dwalsh@redhat.com \
--cc=ewalsh@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.