Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 199404

Summary: sec-policy/selinux-cyrus-sasl proposed updates
Product: Gentoo Linux Reporter: Julien Thomas <julien.thomas.1>
Component: HardenedAssignee: SE Linux Bugs <selinux>
Status: RESOLVED INVALID    
Severity: normal CC: julien.thomas.1
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Julien Thomas 2007-11-16 21:44:22 UTC
The current version of the SELinux security module can be reinforced to perform better security control and customization.

Modifications concerned
- network access customization
- files configuration control
- selinux access desactivation (but customizable)
Comment 1 Julien Thomas 2007-11-16 21:47:35 UTC
-- previously forgotten informations ---

see patch description http://aispirit.tuxfamily.org/bugs/pdf/updateSASL_en.pdf
full selinux modules are available at http://aispirit.tuxfamily.org/bugs/patches/sasl-1.4.3-lo_netif_t.rar

Please, 
Note that these patches are only draft that have not been approved by the
hardened-gentoo comunity.

> The current version of the SELinux security module can be reinforced to perform
> better security control and customization.
> 
> Modifications concerned
> - network access customization
> - files configuration control
> - selinux access desactivation (but customizable)
> 

Comment 2 Chris PeBenito (RETIRED) gentoo-dev 2009-12-16 15:03:00 UTC
closing stale bugs.  reference URLs are invalid anyway.
Comment 3 Julien Thomas 2009-12-16 15:22:21 UTC
(In reply to comment #2)
> closing stale bugs.  reference URLs are invalid anyway.
> 

Same closing remark, as for previous bug 199298

The URL have been changed to http://www.julienthomas.eu/bugs/pdf/ and http://www.julienthomas.eu/bugs/patches/.

However, the proposed upgrades were valid for
- Linux 2.6.20-hardened-r5 (2007 !)
- ndev-libs/cyrus-sasl 2.1.22-r2
(as stated on the PDFs).

I will, if I have time, look at the new policies to see if the updates are
still valid.

Best Regards,
Julien Thomas