On Wed, 2008-02-20 at 02:00 -0800, Devin Carraway wrote: > Here are a handful of localized fixes to the Exim policy, based on SVN > head refpolicy and Debian Sid: Merged with two exceptions. > - grant readonly access to var_lib_t, to read runtime-generated conf This seems questionable. It sounds like there should be a specific type for this. > corenet_tcp_sendrecv_all_if(exim_t) > corenet_tcp_sendrecv_all_nodes(exim_t) > corenet_tcp_sendrecv_all_ports(exim_t) > +corenet_tcp_sendrecv_smtp_port(exim_t) > +corenet_tcp_sendrecv_auth_port(exim_t) > +corenet_tcp_sendrecv_ldap_port(exim_t) This is redundant since it can already sendrecv all ports. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
