[selinux-policy: 1594/3172] fix miscfiles_read_localization()
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:22:57 UTC 2010
commit 2cac32a605dff121144a954939b74a7ed6e91d74
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Sep 13 18:08:17 2006 +0000
fix miscfiles_read_localization()
policy/modules/kernel/files.if | 19 +++++++++++++++++++
policy/modules/kernel/files.te | 2 +-
policy/modules/system/miscfiles.if | 3 +--
policy/modules/system/miscfiles.te | 2 +-
4 files changed, 22 insertions(+), 4 deletions(-)
---
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 8ade7e6..c390959 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1905,6 +1905,25 @@ interface(`files_relabel_etc_files',`
########################################
## <summary>
+## Read symbolic links in /etc.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_read_etc_symlinks',`
+ gen_require(`
+ type etc_t;
+ ')
+
+ allow $1 etc_t:dir search_dir_perms;
+ allow $1 etc_t:lnk_file { getattr read };
+')
+
+########################################
+## <summary>
## Create objects in /etc with a private
## type using a type_transition.
## </summary>
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index d397dca..dea8e5c 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,5 +1,5 @@
-policy_module(files,1.2.15)
+policy_module(files,1.2.16)
########################################
#
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index 549b4fb..bcaddcd 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -106,8 +106,7 @@ interface(`miscfiles_read_localization',`
type locale_t;
')
- files_search_etc($1)
- # FIXME: $1 read etc_t:lnk_file here
+ files_read_etc_symlinks($1)
files_search_usr($1)
allow $1 locale_t:dir r_dir_perms;
allow $1 locale_t:lnk_file r_file_perms;
diff --git a/policy/modules/system/miscfiles.te b/policy/modules/system/miscfiles.te
index 0e18a68..819d71b 100644
--- a/policy/modules/system/miscfiles.te
+++ b/policy/modules/system/miscfiles.te
@@ -1,5 +1,5 @@
-policy_module(miscfiles,1.0.4)
+policy_module(miscfiles,1.0.5)
########################################
#
More information about the scm-commits
mailing list