[selinux-policy/f14/master] - Turn off default transition to mozilla_plugin and telepathy domains from unconfined user - Turn of

[Daniel J Walsh]

commit c9f94ed8e0e04f6948172057ec8dde57b442165b
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Fri Oct 1 12:06:51 2010 -0400

    - Turn off default transition to mozilla_plugin and telepathy domains from unconfined user
    - Turn off iptables from unconfined user
    - Allow sudo to send signals to any domains the user could have transitioned to.
    - Passwd in single user mode needs to talk to console_device_t
    - Mozilla_plugin_t needs to connect to web ports, needs to write to video device, and read alsa_home_t alsa setsup pulseaudio
    - locate tried to read a symbolic link, will dontaudit
    - New labels for telepathy-sunshine content in homedir
    - Google is storing other binaries under /opt/google/talkplugin
    - bluetooth/kernel is creating unlabeled_t socket that I will allow it to use until kernel fixes bug
    - Add boolean for unconfined_t transition to mozilla_plugin_t and telepathy domains, turned off in F14 on in F15
    - modemmanger and bluetooth send dbus messages to devicekit_power
    - Samba needs to getquota on filesystems labeld samba_share_t

 booleans-targeted.conf |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/booleans-targeted.conf b/booleans-targeted.conf
index 0adccb0..019ff76 100644
--- a/booleans-targeted.conf
+++ b/booleans-targeted.conf
@@ -253,7 +253,7 @@ allow_nsplugin_execmem=true
 
 # Allow unconfined domain to transition to confined domain
 # 
-allow_unconfined_nsplugin_transition=true
+allow_unconfined_nsplugin_transition=false
 
 # Allow mplayer to run in the unconfined domain 
 #