Feature #4464
closed
Implement SELinux policy for smart-proxy
Added by Lukas Zapletal about 11 years ago.
Updated over 6 years ago.
Description
Now the question is how deep we want to go. Smart proxy can be configured to spawn virsh via sudo and other stuff. I guess we should limit what is covered by the policy.
Agreed... the trouble is also that the proxy codebase is messy and it has a lot of ugly implementations. I think the policy should probably be very tunable depending on what type of work the proxy is configured for.
- Priority changed from Normal to High
- Target version set to 1.7.5
- Status changed from New to Assigned
- Assignee set to Lukas Zapletal
- Priority changed from High to Urgent
Yup, it's official. I started works on the foreman-proxy policy.
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/smart-proxy/pull/201 added
- Pull request deleted (
- Status changed from Ready For Testing to Assigned
- Target version changed from 1.7.5 to 1.7.4
- Status changed from Assigned to Ready For Testing
- Target version changed from 1.7.4 to 1.7.3
- Target version changed from 1.7.3 to 1.7.2
- Translation missing: en.field_release set to 28
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by Anonymous