
SELinux base policy 2.20120725 rev 1 in hardened-dev overlay
Hi girls & guys,

Revision 1 of the 2.20120725 policy is now in the hardened-dev overlay. It
contains the following fixes:

<no bug> Large update on browser support: alsa, java, introduce flash, xdg
<no bug> Merge of 2.20120726 (bumping of module versions and coding style updates)
<no bug> Backport: rename epollwakeup to block_suspend to match naming in Linux 3.5
<no bug> Backport changes for nslcd
#427750 Allow init to create /run/mysqld directory
<no bug> Add fifo_file access for mozilla_t to mozilla_tmp_t (needed for icedtea-appletviewer-to-plugin)
#412637 Add in policy for chromium

Wkr,
Sven Vermeulen
Re: SELinux base policy 2.20120725 rev 1 in hardened-dev overlay
On 7/28/12 11:31 AM, Sven Vermeulen wrote:
> #412637 Add in policy for chromium

Just a note from one of the chromium maintainers here: please give it a try
even if you don't use chromium as your main browser. Writing policies
for client-side software is not really easy, so the more systems this
can be tested on, the better (that includes users' expectations).

Thanks,
Paweł
Re: SELinux base policy 2.20120725 rev 1 in hardened-dev overlay
On Tue, Jul 31, 2012 at 04:52:24PM +0200, "Paweł Hajdan, Jr." wrote:
> On 7/28/12 11:31 AM, Sven Vermeulen wrote:
> > #412637 Add in policy for chromium
>
> Just a note from one of the chromium maintainers here: please give it a try
> even if you don't use chromium as your main browser. Writing policies
> for client-side software is not really easy, so the more systems this
> can be tested on, the better (that includes users' expectations).

For those interested, the current policy (the one that will be in rev 2 as
it contains a few minor changes still) can also be seen online at
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=blob;f=policy/modules/contrib/chromium.te

Wkr,
Sven Vermeulen