rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

trunk: fix disable ubac condition for process perms.

Browse Source
This commit is contained in:
Chris PeBenito 2008-11-14 13:17:51 +00:00
parent 73c77e2c9b
commit 23d5ab8de7
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
policy/constraints
View File

@ -79,11 +79,13 @@ constrain dir_file_class_set { create relabelto relabelfrom }
# Process rules # Process rules
# #
constrain process { sigchld sigkill sigstop signull signal ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setrlimit } ifdef(`enable_ubac',`
( constrain process { sigchld sigkill sigstop signull signal ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setrlimit }
basic_ubac_conditions (
or t1 == ubacproc basic_ubac_conditions
); or t1 == ubacproc
);
')
constrain process { transition noatsecure siginh rlimitinh } constrain process { transition noatsecure siginh rlimitinh }
( (