From bbdbce34c28e832cdd4d60283e049105ba43a194 Mon Sep 17 00:00:00 2001
From: Dominick Grift <domg472@gmail.com>
Date: Fri, 17 Sep 2010 08:40:04 +0200
Subject: [PATCH] No need for httpd_builtin_scripting to be set for httpd_t to
 be allowed to read files.

---
 policy/modules/services/apache.te | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te
index 8329861e..c3f7abf6 100644
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@@ -1140,14 +1140,11 @@ tunable_policy(`httpd_enable_homedirs',`
 ')
 
 tunable_policy(`httpd_read_user_content',`
+	userdom_read_user_home_content_files(httpd_t)
 	userdom_read_user_home_content_files(httpd_user_script_t)
 	userdom_read_user_home_content_files(httpd_suexec_t)
 ')
 
-tunable_policy(`httpd_read_user_content && httpd_builtin_scripting',`
-	userdom_read_user_home_content_files(httpd_t)
-')
-
 # Removal of fastcgi, will cause problems without the following
 typealias httpd_sys_script_exec_t alias httpd_fastcgi_script_exec_t;
 typealias httpd_sys_content_t alias { httpd_fastcgi_content_t httpd_fastcgi_script_ro_t };