From: | Luis Ressel <aranea@×××××.de> |
---|---|
To: | gentoo-hardened@l.g.o |
Subject: | [gentoo-hardened] [PATCH 1/4] portage: Dontaudit setattr in portage_dontaudit_write_cache |
Date: | Thu, 15 Oct 2015 10:45:26 |
Message-Id: | 1444905883-17436-1-git-send-email-aranea@aixah.de |
1 | --- |
2 | policy/modules/contrib/portage.if | 2 +- |
3 | 1 file changed, 1 insertion(+), 1 deletion(-) |
4 | |
5 | diff --git a/policy/modules/contrib/portage.if b/policy/modules/contrib/portage.if |
6 | index 640a63b..c98a763 100644 |
7 | --- a/policy/modules/contrib/portage.if |
8 | +++ b/policy/modules/contrib/portage.if |
9 | @@ -511,6 +511,6 @@ interface(`portage_dontaudit_write_cache',` |
10 | type portage_cache_t; |
11 | ') |
12 | |
13 | - dontaudit $1 portage_cache_t:dir { write }; |
14 | + dontaudit $1 portage_cache_t:dir { setattr write }; |
15 | ') |
16 | |
17 | -- |
18 | 2.6.1 |
Subject | Author |
---|---|
[gentoo-hardened] [PATCH 4/4] portage: Add new interfaces to portage_ro_role | Luis Ressel <aranea@×××××.de> |
[gentoo-hardened] [PATCH 3/4] portage: New read-only interfaces for srcrepo and logs | Luis Ressel <aranea@×××××.de> |
[gentoo-hardened] [PATCH 2/4] portage: Fix the gen_require of the portage_compile_domain interface | Luis Ressel <aranea@×××××.de> |
Re: [gentoo-hardened] [PATCH 1/4] portage: Dontaudit setattr in portage_dontaudit_write_cache | Jason Zaman <perfinion@g.o> |