On Thursday 17 March 2005 00:19, David Hampton <hampton(a)employees.org> wrote:
Here's a new policy to support the pop-before-smtp daemon from
http://people.FreeBSD.org/~sheldonh/popb4smtp-nodb.tar.gz . I'd
appreciate any feedback on these files or tips on how to write better
policies. Thanks.
All policy that you publish should use the proper locations of files as used
in packaged software. /usr/local is only for things that the administrator
compiles themself and generally shouldn't appear in .fc files.
daemon_domain() has the domain_auto_trans() rule to allow running from
initrc_t.
This daemon does not need two domains, just give it one, things will be a lot
easier and no less secure.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page