In order to get firefox, evolution and xterm to run under twm with the
X object manager in enforcing/mls at a single level I had to add the
following user policy:
allow $1_t $1_rootwindow_t:x_drawable { get_property getattr
read override hide send destroy remove_child };
allow $1_t $1_xserver_t:x_resource write;
Where $1 is user
xinit was started by hand at init 3.
Not being an X guy, I don't really understand what I just allowed.
Does this make sense?
joe
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
