Actions
Feature #4464
closedImplement SELinux policy for smart-proxy
Description
Now the question is how deep we want to go. Smart proxy can be configured to spawn virsh via sudo and other stuff. I guess we should limit what is covered by the policy.
Updated by Dominic Cleal about 11 years ago
Agreed... the trouble is also that the proxy codebase is messy and it has a lot of ugly implementations. I think the policy should probably be very tunable depending on what type of work the proxy is configured for.
Updated by Lukas Zapletal almost 11 years ago
- Priority changed from Normal to High
OSP guys rely on this feature, boosting priority: https://bugzilla.redhat.com/show_bug.cgi?id=1105154
Updated by Lukas Zapletal over 10 years ago
- Status changed from New to Assigned
- Assignee set to Lukas Zapletal
- Priority changed from High to Urgent
Yup, it's official. I started works on the foreman-proxy policy.
Updated by Anonymous over 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset f4a857f6005b4ed1183219b5ef1ac5f90ffd0a32.
Actions