On Thu, Mar 11, 2004 at 11:17:49AM -0500, Bill Nottingham wrote: > Russell Coker (russell@xxxxxxxxxxxx) said: > > How does /dev/input really work? As I understand it event0 could be a > > keyboard or a mouse. So maybe we want a separate type for this so that when > > using gpm it can access it, but when the user is granted direct mouse access > > they can't read the keyboard directly. > > > > Does this make sense? > > X will need access to eventX as well. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=117369 I guess that init 5 is ok as that is running under system_r:xdm_xserver_t so we can set that up as with gpm. A user starts user_xserver_t, I'm still finding my feet around policy is this enough to restrict by type. Paul
