On Wed, 2007-12-19 at 12:57 -0500, Daniel J Walsh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Ok although, I think we should fix the policy to not cause this app to > blow up. When I give my talks about writing policy, it does not > translate the handling of the utmp file properly because of this. > But how can we? We're talking about old policies in the wild. What I really want to do is to always parse everything and just catch exceptions. The problem is that the parser internal state gets screwed on some parse errors - haven't been able to track down the problem. > What policies were broken. I plan on back porting this change to Fedora 8. I don't have the exact policy versions. For the Fedora 8 supplied version it should be fine to drop the blacklist, but not in the upstream version. Karl -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
