[selinux-policy: 819/3172] add proc_net lnk
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:15:53 UTC 2010
commit 7ebd6a9079e0c989c6c1f8b53bc415e23e3ab6f1
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Mon Oct 24 20:25:59 2005 +0000
add proc_net lnk
refpolicy/policy/modules/kernel/kernel.if | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
---
diff --git a/refpolicy/policy/modules/kernel/kernel.if b/refpolicy/policy/modules/kernel/kernel.if
index 21b89ab..6d557ad 100644
--- a/refpolicy/policy/modules/kernel/kernel.if
+++ b/refpolicy/policy/modules/kernel/kernel.if
@@ -751,13 +751,12 @@ interface(`kernel_search_network_state',`
interface(`kernel_read_network_state',`
gen_require(`
type proc_t, proc_net_t;
- class dir r_dir_perms;
- class file r_file_perms;
')
allow $1 proc_t:dir search;
allow $1 proc_net_t:dir r_dir_perms;
allow $1 proc_net_t:file r_file_perms;
+ allow $1 proc_net_t:lnk_file { getattr read };
')
########################################
More information about the scm-commits
mailing list