On Thu, 2006-03-30 at 15:31 -0500, Daniel J Walsh wrote: > > Next, the delivered targeted policy doesn't constrain postfix (it seems to > > reference postfix, but then aliases it to unconfined). Again, the Guide > > suggests I could write new policy specifically for something like postfix, > > in essence extending the targeted policy. Interestingly, I see that the > > gentoo project has a whole bunch of SELinux policies available, including > > one for postfix. A side question I have is: does it make sense to adapt/use > > the policies available in the gentoo project to extend the targeted policy > > for new processes, or is that a bad idea? Adapting policies from Gentoo to RHEL4 is unlikely to be fruitful due to divergence between their base policies, but there is already a postfix policy in the upstream example and/or reference policy, and that is included in Fedora Core 4 and later I believe. So you can use the postfix policy from Fedora instead, with some modification. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
