[selinux-policy: 2982/3172] Do not audit interface should not provide permission to read parent directories.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:25:26 UTC 2010
commit d0b7562f02f7211a9e3d3982455c3a0b88a57e64
Author: Dominick Grift <domg472 at gmail.com>
Date: Thu Sep 16 09:36:06 2010 +0200
Do not audit interface should not provide permission to read parent directories.
Signed-off-by: Dominick Grift <domg472 at gmail.com>
policy/modules/services/sssd.if | 1 -
1 files changed, 0 insertions(+), 1 deletions(-)
---
diff --git a/policy/modules/services/sssd.if b/policy/modules/services/sssd.if
index 941380a..8208308 100644
--- a/policy/modules/services/sssd.if
+++ b/policy/modules/services/sssd.if
@@ -128,7 +128,6 @@ interface(`sssd_dontaudit_search_lib',`
')
dontaudit $1 sssd_var_lib_t:dir search_dir_perms;
- files_search_var_lib($1)
')
########################################
More information about the scm-commits
mailing list