[selinux-policy: 2990/3172] Allow users to ptrace and send any kind of signal to spamassassin agents.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:26:07 UTC 2010
commit 4ff4ddfaa3a75121b71a2c4c8ce4f229c3159b07
Author: Dominick Grift <domg472 at gmail.com>
Date: Thu Sep 16 11:05:31 2010 +0200
Allow users to ptrace and send any kind of signal to spamassassin agents.
policy/modules/services/spamassassin.if | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
---
diff --git a/policy/modules/services/spamassassin.if b/policy/modules/services/spamassassin.if
index 5ceb6da..9c20d36 100644
--- a/policy/modules/services/spamassassin.if
+++ b/policy/modules/services/spamassassin.if
@@ -25,9 +25,13 @@ interface(`spamassassin_role',`
role $1 types { spamc_t spamassassin_t };
domtrans_pattern($2, spamassassin_exec_t, spamassassin_t)
+
+ allow $2 spamassassin_t:process { ptrace signal_perms };
ps_process_pattern($2, spamassassin_t)
domtrans_pattern($2, spamc_exec_t, spamc_t)
+
+ allow $2 spamc_t:process { ptrace signal_perms };
ps_process_pattern($2, spamc_t)
manage_dirs_pattern($2, spamassassin_home_t, spamassassin_home_t)
More information about the scm-commits
mailing list