On 04/03/2014 02:04 AM, William Brown wrote:
Hi,
There is an interface for read_files_pattern, manage_files_pattern,
manage_dirs_pattern, but no "read_dirs_pattern". Why not add this to
policy/support/file_pattrns.spt such as:
define(`read_dirs_pattern',`
search_dirs_pattern($1, $2, $3)
getattr_dirs_pattern($1, $2, $3)
list_dirs_pattern($1, $2, $3)
')
This would be useful for "consistency" of the interfaces when writing
policy.
Sincerely,
list_dirs_pattern() is used for this.
define(`list_dirs_pattern',`
allow $1 $2:dir search_dir_perms;
allow $1 $3:dir list_dir_perms;
')
define(`list_dir_perms',`{ getattr search open read lock ioctl }')
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
