| 1 |
commit: 914fe9701f65cafdbf06e63f6691ebc7f4586943 |
| 2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
| 3 |
AuthorDate: Tue May 3 20:47:38 2011 +0000 |
| 4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
| 5 |
CommitDate: Tue May 3 20:47:38 2011 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=commit;h=914fe970 |
| 7 |
|
| 8 |
Enable open_perms by default |
| 9 |
|
| 10 |
--- |
| 11 |
xml/selinux/hb-using-install.xml | 6 ++++-- |
| 12 |
1 files changed, 4 insertions(+), 2 deletions(-) |
| 13 |
|
| 14 |
diff --git a/xml/selinux/hb-using-install.xml b/xml/selinux/hb-using-install.xml |
| 15 |
index a6a61a3..541b1fa 100644 |
| 16 |
--- a/xml/selinux/hb-using-install.xml |
| 17 |
+++ b/xml/selinux/hb-using-install.xml |
| 18 |
@@ -237,10 +237,12 @@ or disable them. |
| 19 |
</tr> |
| 20 |
<tr> |
| 21 |
<ti>open_perms</ti> |
| 22 |
- <ti>Disabled</ti> |
| 23 |
+ <ti>Enabled</ti> |
| 24 |
<ti> |
| 25 |
The open_perms capability enables the SELinux permission "open" for files |
| 26 |
- and file-related classes. |
| 27 |
+ and file-related classes. Support for the "open" call was added a bit later |
| 28 |
+ than others so support was first made optional. However, the policies have |
| 29 |
+ matured sufficiently to have the open permission set. |
| 30 |
</ti> |
| 31 |
</tr> |
| 32 |
<tr> |
Archives