Gentoo Archives: gentoo-hardened

From: Jason Zaman <perfinion@g.o>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] [PATCH 1/4] portage: Dontaudit setattr in portage_dontaudit_write_cache
Date: Sat, 17 Oct 2015 17:03:52
Message-Id: 20151017170336.GA27847@meriadoc
In Reply to: [gentoo-hardened] [PATCH 1/4] portage: Dontaudit setattr in portage_dontaudit_write_cache by Luis Ressel
On Thu, Oct 15, 2015 at 12:44:40PM +0200, Luis Ressel wrote:
2 > ---
3 > policy/modules/contrib/portage.if | 2 +-
4 > 1 file changed, 1 insertion(+), 1 deletion(-)
5 >
6 > diff --git a/policy/modules/contrib/portage.if b/policy/modules/contrib/portage.if
7 > index 640a63b..c98a763 100644
8 > --- a/policy/modules/contrib/portage.if
9 > +++ b/policy/modules/contrib/portage.if
10 > @@ -511,6 +511,6 @@ interface(`portage_dontaudit_write_cache',`
11 > type portage_cache_t;
12 > ')
13 >
14 > - dontaudit $1 portage_cache_t:dir { write };
15 > + dontaudit $1 portage_cache_t:dir { setattr write };
16 > ')
17 >
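Review bot: the interface is still named portage_dontaudit_write_cache, but the changed dontaudit line now also silences setattr on portage_cache_t directories, so every caller of the interface gets setattr denials hidden along with write. The patch description gives no reason for the addition; please state which denial prompted it, and either update the interface's documentation to say that setattr is covered or put setattr in a separate interface so callers opt in explicitly.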
18 > --
19 > 2.6.1

Applied this set, thanks!

-- Jason