| 1 |
commit: 1487f95addb4ccbcc6e0bb6164b39b72e345f532 |
| 2 |
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org> |
| 3 |
AuthorDate: Sat Aug 23 11:35:50 2014 +0000 |
| 4 |
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com> |
| 5 |
CommitDate: Tue Aug 26 14:52:08 2014 +0000 |
| 6 |
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=1487f95a |
| 7 |
|
| 8 |
Add ioctl and lock to manage_lnk_file_perms |
| 9 |
|
| 10 |
manage_lnk_file_perms permission is expected to be larger than |
| 11 |
write_lnk_file_perms and therefore include ioctl and lock. |
| 12 |
|
| 13 |
--- |
| 14 |
policy/support/obj_perm_sets.spt | 2 +- |
| 15 |
1 file changed, 1 insertion(+), 1 deletion(-) |
| 16 |
|
| 17 |
diff --git a/policy/support/obj_perm_sets.spt b/policy/support/obj_perm_sets.spt |
| 18 |
index d241410..0ff760b 100644 |
| 19 |
--- a/policy/support/obj_perm_sets.spt |
| 20 |
+++ b/policy/support/obj_perm_sets.spt |
| 21 |
@@ -183,7 +183,7 @@ define(`rw_lnk_file_perms',`{ getattr read write lock ioctl }') |
| 22 |
define(`create_lnk_file_perms',`{ create getattr }') |
| 23 |
define(`rename_lnk_file_perms',`{ getattr rename }') |
| 24 |
define(`delete_lnk_file_perms',`{ getattr unlink }') |
| 25 |
-define(`manage_lnk_file_perms',`{ create read write getattr setattr link unlink rename }') |
| 26 |
+define(`manage_lnk_file_perms',`{ create read write getattr setattr link unlink rename ioctl lock }') |
| 27 |
define(`relabelfrom_lnk_file_perms',`{ getattr relabelfrom }') |
| 28 |
define(`relabelto_lnk_file_perms',`{ getattr relabelto }') |
| 29 |
define(`relabel_lnk_file_perms',`{ getattr relabelfrom relabelto }') |
Archives