I've pushed out selinux-base-policy version 2.20110726-r5 to the hardened-dev overlay. It does not hold huge changes, most of them are rewrites or updates on pre-existing patches (on the SELinux policies) to make them conform the refpolicy naming conventions and other guidelines. It includes preliminary support for the XDG Specification although changes there are still going to occur (as the policy is still under development). Other updates are primarily on the policies for user applications (pan, mozilla, skype), portage and asterisk.

In related news, the Gentoo Hardened SELinux FAQ is updated with two entries:

  1. Portage fails to label files because "setfiles" does not work anymore, and
  2. Applications do not transition on a nosuid-mounted partition

Comments

To comment as a guest, use "Or sign up with disqus" and then select the "I'd rather post as guest" option.

comments powered by Disqus