Gentoo Archives: gentoo-hardened

From: Luis Ressel <aranea@×××××.de>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] [PATCH 1/4] portage: Dontaudit setattr in portage_dontaudit_write_cache
Date: Thu, 15 Oct 2015 10:45:26
Message-Id: 1444905883-17436-1-git-send-email-aranea@aixah.de
1 ---
2 policy/modules/contrib/portage.if | 2 +-
3 1 file changed, 1 insertion(+), 1 deletion(-)
4
5 diff --git a/policy/modules/contrib/portage.if b/policy/modules/contrib/portage.if
6 index 640a63b..c98a763 100644
7 --- a/policy/modules/contrib/portage.if
8 +++ b/policy/modules/contrib/portage.if
9 @@ -511,6 +511,6 @@ interface(`portage_dontaudit_write_cache',`
10 type portage_cache_t;
11 ')
12
13 - dontaudit $1 portage_cache_t:dir { write };
14 + dontaudit $1 portage_cache_t:dir { setattr write };
15 ')
16
17 --
18 2.6.1

Replies