add apache_manage_all_content, bug 1602
This commit is contained in:
Chris PeBenito
parent
88bc7af316
commit
013d746abc
@ -470,6 +470,26 @@ interface(`apache_dontaudit_rw_tcp_sockets',`
|
||||
dontaudit $1 httpd_t:tcp_socket { read write };
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Create, read, write, and delete all web content.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## Domain allowed access.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`apache_manage_all_content',`
|
||||
gen_require(`
|
||||
attribute httpdcontent;
|
||||
')
|
||||
|
||||
allow $1 httpdcontent:dir manage_dir_perms;
|
||||
allow $1 httpdcontent:file manage_file_perms;
|
||||
allow $1 httpdcontent:lnk_file create_lnk_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Allow the specified domain to read
|
||||
|
||||
Loading…
Reference in New Issue
Block a user