[selinux-policy: 2971/3172] Access to get attributes of target pppd_t domain is included with ps_process_pattern.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 23:24:30 UTC 2010 

commit 4eaffd271f30a4447134a7b7c691b415a6054fd6
Author: Dominick Grift <domg472 at gmail.com>
Date:   Wed Sep 15 13:37:04 2010 +0200

    Access to get attributes of target pppd_t domain is included with ps_process_pattern.
    
    Access to get attributes of target privoxy_t domain is included with ps_process_pattern.
    
    Access to get attributes of target radiusd_t domain is included with ps_process_pattern.
    
    Signed-off-by: Dominick Grift <domg472 at gmail.com>

 policy/modules/services/ppp.if     |    4 ++--
 policy/modules/services/privoxy.if |    2 +-
 policy/modules/services/radius.if  |    2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/policy/modules/services/ppp.if b/policy/modules/services/ppp.if
index b524673..f916c76 100644
--- a/policy/modules/services/ppp.if
+++ b/policy/modules/services/ppp.if
@@ -360,7 +360,7 @@ interface(`ppp_admin',`
  		type pppd_initrc_exec_t;
 	')
 
-	allow $1 pppd_t:process { ptrace signal_perms getattr };
+	allow $1 pppd_t:process { ptrace signal_perms };
 	ps_process_pattern($1, pppd_t)
 
 	ppp_initrc_domtrans($1)
@@ -386,7 +386,7 @@ interface(`ppp_admin',`
 	files_list_pids($1)
 	admin_pattern($1, pppd_var_run_t)
 
-	allow $1 pptp_t:process { ptrace signal_perms getattr };
+	allow $1 pptp_t:process { ptrace signal_perms };
 	ps_process_pattern($1, pptp_t)
 
 	admin_pattern($1, pptp_log_t)
diff --git a/policy/modules/services/privoxy.if b/policy/modules/services/privoxy.if
index 1da26dc..c8f6cb5 100644
--- a/policy/modules/services/privoxy.if
+++ b/policy/modules/services/privoxy.if
@@ -24,7 +24,7 @@ interface(`privoxy_admin',`
 		type privoxy_initrc_exec_t;
 	')
 
-	allow $1 privoxy_t:process { ptrace signal_perms getattr };
+	allow $1 privoxy_t:process { ptrace signal_perms };
 	ps_process_pattern($1, privoxy_t)
 
 	init_labeled_script_domtrans($1, privoxy_initrc_exec_t)
diff --git a/policy/modules/services/radius.if b/policy/modules/services/radius.if
index 9a78598..8f132e7 100644
--- a/policy/modules/services/radius.if
+++ b/policy/modules/services/radius.if
@@ -38,7 +38,7 @@ interface(`radius_admin',`
 		type radiusd_initrc_exec_t;
 	')
 
-	allow $1 radiusd_t:process { ptrace signal_perms getattr };
+	allow $1 radiusd_t:process { ptrace signal_perms };
 	ps_process_pattern($1, radiusd_t)
 
 	init_labeled_script_domtrans($1, radiusd_initrc_exec_t)

More information about the scm-commits mailing list