- Add cyphesis policy
This commit is contained in:
parent
c092cc1478
commit
93f3656a99
@ -3878,7 +3878,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.fc
|
||||
+/usr/bin/octave-[^/]* -- gen_context(system_u:object_r:java_exec_t,s0)
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if serefpolicy-3.3.1/policy/modules/apps/java.if
|
||||
--- nsaserefpolicy/policy/modules/apps/java.if 2007-10-12 08:56:02.000000000 -0400
|
||||
+++ serefpolicy-3.3.1/policy/modules/apps/java.if 2008-02-26 16:14:55.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/apps/java.if 2008-02-26 21:21:39.000000000 -0500
|
||||
@@ -32,7 +32,7 @@
|
||||
## </summary>
|
||||
## </param>
|
||||
@ -4029,7 +4029,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/java.if
|
||||
+ allow $1_java_t self:process { getsched sigkill execheap execmem execstack };
|
||||
+
|
||||
+ allow $2 $1_java_t:process { getattr ptrace signal_perms noatsecure siginh rlimitinh };
|
||||
+ allow $1_javaplugin_t $2:tcp_socket { read write };
|
||||
+ allow $1_java_t $2:tcp_socket { read write };
|
||||
+
|
||||
+ domtrans_pattern($2, java_exec_t, $1_java_t)
|
||||
+
|
||||
@ -19282,7 +19282,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
|
||||
+/etc/rc.d/init.d/smb -- gen_context(system_u:object_r:samba_script_exec_t,s0)
|
||||
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samba.if serefpolicy-3.3.1/policy/modules/services/samba.if
|
||||
--- nsaserefpolicy/policy/modules/services/samba.if 2007-10-12 08:56:07.000000000 -0400
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/samba.if 2008-02-26 17:31:18.000000000 -0500
|
||||
+++ serefpolicy-3.3.1/policy/modules/services/samba.if 2008-02-26 21:19:09.000000000 -0500
|
||||
@@ -63,6 +63,25 @@
|
||||
|
||||
########################################
|
||||
@ -19333,7 +19333,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/samb
|
||||
+## </param>
|
||||
+## <rolecap/>
|
||||
+#
|
||||
+interface(`samba_run_net',`
|
||||
+interface(`samba_run_unconfined_net',`
|
||||
+ gen_require(`
|
||||
+ type samba_unconfined_net_t;
|
||||
+ ')
|
||||
|
Loading…
Reference in New Issue
Block a user