Just to inform you that these AVCs have been corrected in selinux-
policy-targeted 2.2.9-1. But new hid2hci denied read and write AVCs have
appeared. The never-ending game ;-)
There is no way for this game to end... Not until software developers
take over the task of writing policy themselves.
I know Dan disagrees with me on this, but I think that this is the only
way for selinux to be really accepted into the mainstream. First,
however, more infrastructure is needed to make this possible. Modular
policy is a step in the right direction. I see that the current strict
policy is now modular, and that's good news...
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
