rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

trunk: add open perm to sock_file.

Browse Source
This commit is contained in:
Chris PeBenito 2009-03-11 14:58:03 +00:00
parent 79a5a8084d
commit d3cdc3d07c
3 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
policy/flask/access_vectors
View File

@ -157,6 +157,9 @@ inherits file
class sock_file class sock_file
inherits file inherits file
{
open
}
class fifo_file class fifo_file
inherits file inherits file

4
policy/support/ipc_patterns.spt
View File

@ -3,12 +3,12 @@
# #
define(`stream_connect_pattern',` define(`stream_connect_pattern',`
allow $1 $2:dir search_dir_perms; allow $1 $2:dir search_dir_perms;
allow $1 $3:sock_file { getattr write }; allow $1 $3:sock_file write_sock_file_perms;
allow $1 $4:unix_stream_socket connectto; allow $1 $4:unix_stream_socket connectto;
') ')
define(`dgram_send_pattern',` define(`dgram_send_pattern',`
allow $1 $2:dir search_dir_perms; allow $1 $2:dir search_dir_perms;
allow $1 $3:sock_file { getattr write }; allow $1 $3:sock_file write_sock_file_perms;
allow $1 $4:unix_dgram_socket sendto; allow $1 $4:unix_dgram_socket sendto;
') ')

10
policy/support/obj_perm_sets.spt
View File

@ -252,13 +252,13 @@ define(`relabel_fifo_file_perms',`{ getattr relabelfrom relabelto }')
# #
define(`getattr_sock_file_perms',`{ getattr }') define(`getattr_sock_file_perms',`{ getattr }')
define(`setattr_sock_file_perms',`{ setattr }') define(`setattr_sock_file_perms',`{ setattr }')
define(`read_sock_file_perms',`{ getattr read }') define(`read_sock_file_perms',`{ getattr open read }')
define(`write_sock_file_perms',`{ getattr write append }') define(`write_sock_file_perms',`{ getattr write open append }')
define(`rw_sock_file_perms',`{ getattr read write append }') define(`rw_sock_file_perms',`{ getattr open read write append }')
define(`create_sock_file_perms',`{ getattr create }') define(`create_sock_file_perms',`{ getattr create open }')
define(`rename_sock_file_perms',`{ getattr rename }') define(`rename_sock_file_perms',`{ getattr rename }')
define(`delete_sock_file_perms',`{ getattr unlink }') define(`delete_sock_file_perms',`{ getattr unlink }')
define(`manage_sock_file_perms',`{ create getattr setattr read write rename link unlink ioctl lock append }') define(`manage_sock_file_perms',`{ create open getattr setattr read write rename link unlink ioctl lock append }')
define(`relabelfrom_sock_file_perms',`{ getattr relabelfrom }') define(`relabelfrom_sock_file_perms',`{ getattr relabelfrom }')
define(`relabelto_sock_file_perms',`{ getattr relabelto }') define(`relabelto_sock_file_perms',`{ getattr relabelto }')
define(`relabel_sock_file_perms',`{ getattr relabelfrom relabelto }') define(`relabel_sock_file_perms',`{ getattr relabelfrom relabelto }')