aboutsummaryrefslogtreecommitdiffstats
path: root/untrusted_app.te
Commit message (Expand)AuthorAgeFilesLines
* add execmod to various app domainsNick Kralevich2014-06-021-2/+2
* untrusted_app: neverallow debugfsNick Kralevich2014-05-131-0/+8
* Make the untrusted_app domain enforcing.Stephen Smalley2014-05-011-1/+0
* Coalesce shared_app, media_app, release_app into untrusted_app.Stephen Smalley2014-04-041-1/+17
* Clean up, unify, and deduplicate app domain rules.Stephen Smalley2014-03-071-8/+0
* Remove redundant socket rules.Stephen Smalley2014-02-241-7/+0
* Clarify meaning of untrusted_app and app domain assignment logic.Stephen Smalley2014-02-211-3/+14
* Introduce asec_public_file type.Robert Craig2014-02-111-0/+2
* Support forcing permissive domains to unconfined.Nick Kralevich2014-01-111-1/+1
* Allow untrusted apps to execute binaries from their sandbox directories.Stephen Smalley2013-12-111-0/+4
* Isolate untrusted app ptys from other domains.Stephen Smalley2013-09-271-1/+1
* Revert "Add the ability to write shell files to the untrusted_app domain."Nick Kralevich2013-09-041-4/+1
* Add the ability to write shell files to the untrusted_app domain.Geremy Condra2013-08-161-1/+4
* Permit apps to bind TCP/UDP sockets to a hostnameAlex Klyubin2013-07-161-0/+3
* Move isolated_app.te / untrusted_app.te into permissiveNick Kralevich2013-07-161-0/+1
* Allow apps to create listening portsNick Kralevich2013-07-161-2/+2
* Temporarily allow untrusted apps to read shell data files.Nick Kralevich2013-07-151-0/+7
* untrusted_app.te / isolated_app.te / app.te first passNick Kralevich2013-07-131-2/+22
* Move *_app into their own fileNick Kralevich2013-07-121-0/+17
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 14:01:28 +0000