[selinux-policy: 2950/3172] Use ps_process_pattern to read state. Permission to seach proc_t directories is required to read aut
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:22:42 UTC 2010
commit 0540e22fcc0f5e8bca8085b063b98372e5924ac9
Author: Dominick Grift <domg472 at gmail.com>
Date: Wed Sep 15 10:35:12 2010 +0200
Use ps_process_pattern to read state. Permission to seach proc_t directories is required to read automount state.
Signed-off-by: Dominick Grift <domg472 at gmail.com>
policy/modules/services/automount.if | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
---
diff --git a/policy/modules/services/automount.if b/policy/modules/services/automount.if
index d80a16b..bba047d 100644
--- a/policy/modules/services/automount.if
+++ b/policy/modules/services/automount.if
@@ -68,7 +68,8 @@ interface(`automount_read_state',`
type automount_t;
')
- read_files_pattern($1, automount_t, automount_t)
+ kernel_search_proc($1)
+ ps_process_pattern($1, automount_t)
')
########################################
More information about the scm-commits
mailing list