[refpolicy] [PATCH 0/3] Updated X object manager policy -v2: Intro

All of lore.kernel.org
 help / color / mirror / Atom feed

From: ewalsh@tycho.nsa.gov (Eamon Walsh)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [PATCH 0/3] Updated X object manager policy -v2: Intro
Date: Tue, 27 Oct 2009 22:05:54 -0400	[thread overview]
Message-ID: <4AE7A702.60309@tycho.nsa.gov> (raw)

This patch series is an updated policy for the X server object manager.  
This is the policy that I was running in Portland for my various demos. 
It includes new x_pointer/x_keyboard classes, unconfined-by-default 
user types, and other changes.  The only thing missing here is updated 
mls constraints; I am still working on those.

The 3 patches here are NOT independent and breakage will probably 
result if only some of them are applied.  I only broke them up in an 
attempt to make it easier to review the changes.

This is also available in a git tree at 
git://anongit.freedesktop.org/~ewalsh/refpolicy (branch "master"), for 
ease of pulling.

Changes from -v1:

Dropped the x_keyboard/x_pointer object class patch (already pushed).

Dropped the patch making system_dbusd_t and consolekit_t unconfined.
This is so the focus is only on the changes to the xserver module.

No changes to the existing xserver_role and xserver_restricted_role
interfaces.  The existing UBAC-based controls have been restored.

Removed an apostrophe in a comment that was causing m4 errors.

-- 

Eamon Walsh 
National Security Agency

next             reply	other threads:[~2009-10-28  2:05 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-10-28  2:05 Eamon Walsh [this message]
2009-10-28  2:18 ` [refpolicy] [PATCH 1/3] X Object Manager policy revisions to xserver.te Eamon Walsh
2009-10-28  2:19 ` [refpolicy] [PATCH 2/4] X Object Manager policy revisions to xserver.if Eamon Walsh
2009-10-28  2:20 ` [refpolicy] [PATCH 3/3] X Object manager policy revisions to x_contexts Eamon Walsh
2009-10-28 13:57 ` [refpolicy] [PATCH 0/3] Updated X object manager policy -v2: Intro Christopher J. PeBenito
2009-10-29 22:57   ` Eamon Walsh
2009-10-30 13:17     ` Christopher J. PeBenito
2009-10-30 22:24       ` Eamon Walsh
2009-11-02 13:45         ` Christopher J. PeBenito

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4AE7A702.60309@tycho.nsa.gov \
    --to=ewalsh@tycho.nsa.gov \
    --cc=refpolicy@oss.tresys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.