1 |
commit: 796f48776b91ee0ff095ed9b42fbaf61c13922f1 |
2 |
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com> |
3 |
AuthorDate: Wed Nov 28 16:43:40 2012 +0000 |
4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
5 |
CommitDate: Wed Nov 28 20:20:16 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=796f4877 |
7 |
|
8 |
Changes to the tftp policy modules |
9 |
|
10 |
Fix interfaces to include directories and symlinks |
11 |
|
12 |
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com> |
13 |
|
14 |
--- |
15 |
policy/modules/contrib/tftp.if | 9 ++++++--- |
16 |
policy/modules/contrib/tftp.te | 2 +- |
17 |
2 files changed, 7 insertions(+), 4 deletions(-) |
18 |
|
19 |
diff --git a/policy/modules/contrib/tftp.if b/policy/modules/contrib/tftp.if |
20 |
index f7c6ea3..9957e30 100644 |
21 |
--- a/policy/modules/contrib/tftp.if |
22 |
+++ b/policy/modules/contrib/tftp.if |
23 |
@@ -16,7 +16,9 @@ interface(`tftp_read_content',` |
24 |
') |
25 |
|
26 |
files_search_var_lib($1) |
27 |
- read_files_pattern($1, tftpdir_t, tftpdir_t) |
28 |
+ allow $1 tftpdir_t:dir list_dir_perms; |
29 |
+ allow $1 tftpdir_t:file read_file_perms; |
30 |
+ allow $1 tftpdir_t:lnk_file read_lnk_file_perms; |
31 |
') |
32 |
|
33 |
######################################## |
34 |
@@ -36,8 +38,9 @@ interface(`tftp_manage_rw_content',` |
35 |
') |
36 |
|
37 |
files_search_var_lib($1) |
38 |
- manage_dirs_pattern($1, tftpdir_rw_t, tftpdir_rw_t) |
39 |
- manage_files_pattern($1, tftpdir_rw_t, tftpdir_rw_t) |
40 |
+ allow $1 tftpdir_rw_t:dir manage_dir_perms; |
41 |
+ allow $1 tftpdir_rw_t:file manage_file_perms; |
42 |
+ allow $1 tftpdir_rw_t:lnk_file manage_lnk_file_perms; |
43 |
') |
44 |
|
45 |
######################################## |
46 |
|
47 |
diff --git a/policy/modules/contrib/tftp.te b/policy/modules/contrib/tftp.te |
48 |
index 0cebfd0..f455e70 100644 |
49 |
--- a/policy/modules/contrib/tftp.te |
50 |
+++ b/policy/modules/contrib/tftp.te |
51 |
@@ -1,4 +1,4 @@ |
52 |
-policy_module(tftp, 1.12.3) |
53 |
+policy_module(tftp, 1.12.4) |
54 |
|
55 |
######################################## |
56 |
# |