From: Chris Richards
Date: Fri, 21 Jan 2011 16:43:54 -0600
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] SELinux policy rules principles?
Message-ID: <4D3A0C2A.10602@giz-works.com>
In-Reply-To: <20110121215509.GA19680@siphos.be>

On 01/21/2011 03:55 PM, Sven Vermeulen wrote:
> The document: http://goo.gl/2U0Zr
>
> I've included a few of the items we discussed already, but also added
> two other ones (see the "No Role-Specific Domains" and "Only Reference
> Policy Suggested Roles" rules).
>
> It's a *discussion* document, I'm really open to (many) suggestions (and
> enhancements ;-)

I think it's an outstanding first pass, Sven, and to be honest it appears to cover all of the necessary things at the moment. I really can't think of anything to add, though I'll think about it some.

Later,
Chris