Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
Date: Sun, 28 Oct 2012 18:03:16
Message-Id: 1351447114.2b2254a8e419069b7cea19b37433f7657f0be9ea.SwifT@gentoo
1 commit: 2b2254a8e419069b7cea19b37433f7657f0be9ea
2 Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
3 AuthorDate: Sat Oct 27 12:30:27 2012 +0000
4 Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5 CommitDate: Sun Oct 28 17:58:34 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=2b2254a8
7
8 Re-add missing network rule in screen policy module
9
10 Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
11
12 ---
13 policy/modules/contrib/screen.te | 5 +++--
14 1 files changed, 3 insertions(+), 2 deletions(-)
15
16 diff --git a/policy/modules/contrib/screen.te b/policy/modules/contrib/screen.te
17 index 2af1220..94b67d7 100644
18 --- a/policy/modules/contrib/screen.te
19 +++ b/policy/modules/contrib/screen.te
20 @@ -1,4 +1,4 @@
21 -policy_module(screen, 2.5.1)
22 +policy_module(screen, 2.5.2)
23
24 ########################################
25 #
26 @@ -37,7 +37,7 @@ allow screen_domain self:capability { setuid setgid fsetid };
27 allow screen_domain self:process signal_perms;
28 allow screen_domain self:fd use;
29 allow screen_domain self:fifo_file rw_fifo_file_perms;
30 -allow screen_domain self:tcp_socket {accept listen };
31 +allow screen_domain self:tcp_socket { accept listen };
32 allow screen_domain self:unix_stream_socket connectto;
33
34 manage_dirs_pattern(screen_domain, screen_tmp_t, screen_tmp_t)
35 @@ -65,6 +65,7 @@ corecmd_read_bin_symlinks(screen_domain)
36 corecmd_read_bin_pipes(screen_domain)
37 corecmd_read_bin_sockets(screen_domain)
38
39 +corenet_all_recvfrom_unlabeled(screen_domain)
40 corenet_all_recvfrom_netlabel(screen_domain)
41 corenet_tcp_sendrecv_generic_if(screen_domain)
42 corenet_tcp_sendrecv_generic_node(screen_domain)
Report Message
Find on MARC Find on Google Groups