520754 – Refactor mail related policies

Bug 520754 - Refactor mail related policies

Summary: Refactor mail related policies

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	SELinux (show other bugs)
Hardware:	All Linux

Importance:	Normal enhancement
Assignee:	Sven Vermeulen (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-08-24 10:02 UTC by Sven Vermeulen (RETIRED)
Modified:	2015-06-09 10:54 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sven Vermeulen (RETIRED) gentoo-dev

2014-08-24 10:02:38 UTC

This bug is to let others know I'm taking a stab at refactoring the mail infrastructure domains (currently provided through the mta module). The idea is to introduce the mail_*_agent (MUA, MTA, MRA, MDA and MSA) domains and interact with those.

The intermediate sendmail domain (currently created through user_mail_t or system_mail_t) will be rewritten and will optionally contain the privileges of the implementing technology.

A mail_selinux manual page will be created explaining the new policy in detail.

A stub mta will be provided.

Reproducible: Always

Comment 1 Sven Vermeulen (RETIRED) gentoo-dev

2015-06-09 10:54:38 UTC

Dropping this for a while. It works pretty well, but will not be accepted by upstream. I'll probably make this open later as part of a more global policy draft. But for now marking this as WONTFIX as it is not pressing for Gentoo.