On Tuesday 28 November 2006 6:13 pm, James Antill wrote: > Example config.: > > # selinux_context = user_u:system_r:inetd_t:SystemLow-SystemHigh > selinux_context = user_u:system_r:httpd_t > # selinux_context = user_u:system_r:fingerd_t > > Anyway, here are the patches/rpms: > > http://people.redhat.com/jantill/xinetd/
I just took a quick look at the patch and I have to ask why you decided to take the context from the xinetd config file instead of using security_compute_create() as described in BZ #209379? As it stands I don't think the current approach of taking the full SELinux context (TE and MLS label) from the config file solves the problem we are interested in - multi-level network services via xinetd. Thanks for working on this. -- paul moore linux security @ hp -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
