[selinux-policy: 55/3172] daemon domain allows noatsecure siginh rlimitinh, not dontaudit
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:09:44 UTC 2010
commit bcd35991d18ba3c2adaf55dc2f0d5953041b1893
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Apr 27 21:55:18 2005 +0000
daemon domain allows noatsecure siginh rlimitinh, not dontaudit
refpolicy/policy/modules/system/domain.if | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/domain.if b/refpolicy/policy/modules/system/domain.if
index de4070b..d2881c4 100644
--- a/refpolicy/policy/modules/system/domain.if
+++ b/refpolicy/policy/modules/system/domain.if
@@ -140,7 +140,7 @@ requires_block_template(domain_all_daemon_domains_transition_depend,$3)
allow $1 daemon_domain:process transition;
allow $1 daemon_domain_entry:file { getattr read execute };
allow init_domain $1:fd use;
-dontaudit $1 daemon_domain:process { noatsecure siginh rlimitinh };
+allow $1 daemon_domain:process { noatsecure siginh rlimitinh };
')
define(`domain_all_daemon_domains_transition_depend',`
More information about the scm-commits
mailing list