rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Source is x_domain and not xserver_t. Moving to x_domain local policy.

Browse Source
This commit is contained in:
Dominick Grift 2010-09-24 11:39:17 +02:00
parent 568349bd70
commit e2d9aa29c5
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
policy/modules/services/xserver.te
View File

@ -877,10 +877,6 @@ allow xserver_t self:udp_socket create_socket_perms;
allow xserver_t self:netlink_selinux_socket create_socket_perms;
allow xserver_t self:netlink_kobject_uevent_socket create_socket_perms;
# Device rules
allow x_domain xserver_t:x_device { read getattr use setattr setfocus grab bell };
allow x_domain xserver_t:x_screen getattr;
allow xserver_t { input_xevent_t input_xevent_type }:x_event send;
domtrans_pattern(xserver_t, xauth_exec_t, xauth_t)
@ -1276,6 +1272,10 @@ allow x_domain self:x_resource { read write };
# can mess with the screensaver
allow x_domain xserver_t:x_screen { getattr saver_getattr };
# Device rules
allow x_domain xserver_t:x_device { read getattr use setattr setfocus grab bell };
allow x_domain xserver_t:x_screen getattr;
########################################
#
# Rules for unconfined access to this module