| 1 |
commit: 0796015df7c69a5177f020340e0b05417e52ef9c |
| 2 |
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com> |
| 3 |
AuthorDate: Wed Oct 31 09:29:15 2012 +0000 |
| 4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
| 5 |
CommitDate: Wed Oct 31 18:04:30 2012 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0796015d |
| 7 |
|
| 8 |
Changes to the w3c policy module |
| 9 |
|
| 10 |
Add missing network rules |
| 11 |
|
| 12 |
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com> |
| 13 |
|
| 14 |
--- |
| 15 |
policy/modules/contrib/w3c.if | 2 +- |
| 16 |
policy/modules/contrib/w3c.te | 12 +++++++++++- |
| 17 |
2 files changed, 12 insertions(+), 2 deletions(-) |
| 18 |
|
| 19 |
diff --git a/policy/modules/contrib/w3c.if b/policy/modules/contrib/w3c.if |
| 20 |
index 8f678a9..6a4204b 100644 |
| 21 |
--- a/policy/modules/contrib/w3c.if |
| 22 |
+++ b/policy/modules/contrib/w3c.if |
| 23 |
@@ -1 +1 @@ |
| 24 |
-## <summary>W3C Markup Validator</summary> |
| 25 |
+## <summary>W3C Markup Validator.</summary> |
| 26 |
|
| 27 |
diff --git a/policy/modules/contrib/w3c.te b/policy/modules/contrib/w3c.te |
| 28 |
index 1174ad8..bcb76b6 100644 |
| 29 |
--- a/policy/modules/contrib/w3c.te |
| 30 |
+++ b/policy/modules/contrib/w3c.te |
| 31 |
@@ -1,4 +1,4 @@ |
| 32 |
-policy_module(w3c, 1.0.0) |
| 33 |
+policy_module(w3c, 1.0.1) |
| 34 |
|
| 35 |
######################################## |
| 36 |
# |
| 37 |
@@ -12,10 +12,20 @@ apache_content_template(w3c_validator) |
| 38 |
# Local policy |
| 39 |
# |
| 40 |
|
| 41 |
+corenet_all_recvfrom_unlabeled(httpd_w3c_validator_script_t) |
| 42 |
+corenet_all_recvfrom_netlabel(httpd_w3c_validator_script_t) |
| 43 |
+corenet_tcp_sendrecv_generic_if(httpd_w3c_validator_script_t) |
| 44 |
+corenet_tcp_sendrecv_generic_node(httpd_w3c_validator_script_t) |
| 45 |
+ |
| 46 |
+corenet_sendrecv_ftp_client_packets(httpd_w3c_validator_script_t) |
| 47 |
corenet_tcp_connect_ftp_port(httpd_w3c_validator_script_t) |
| 48 |
corenet_tcp_sendrecv_ftp_port(httpd_w3c_validator_script_t) |
| 49 |
+ |
| 50 |
+corenet_sendrecv_http_client_packets(httpd_w3c_validator_script_t) |
| 51 |
corenet_tcp_connect_http_port(httpd_w3c_validator_script_t) |
| 52 |
corenet_tcp_sendrecv_http_port(httpd_w3c_validator_script_t) |
| 53 |
+ |
| 54 |
+corenet_sendrecv_http_cache_client_packets(httpd_w3c_validator_script_t) |
| 55 |
corenet_tcp_connect_http_cache_port(httpd_w3c_validator_script_t) |
| 56 |
corenet_tcp_sendrecv_http_cache_port(httpd_w3c_validator_script_t) |
Archives