FC3 strict policy
Russell Coker
russell at coker.com.au
Mon Oct 3 09:27:53 UTC 2005
I had a user ask me off-list about strict policy for FC3. It hadn't been
updated for name_connect and the policy in FC4 doesn't work.
Attached is a first pass at updating the FC3 strict policy to work with the
latest kernels. I encourage anyone who is running FC3 strict machines to use
selinux-policy-strict-sources-1.19.10-2 plus this patch instead of trying to
use FC4 policy.
NB It will take a little more work to get anything other than a basic server
going with this policy, but it should be less work than the other options and
the results should be better.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff.gz
Type: application/x-gzip
Size: 6191 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20051003/baabe260/attachment.gz
More information about the selinux
mailing list