Re: [PATCH] add lldpd policy

On 6/15/19 1:58 PM, Dominick Grift wrote:
On Sat, Jun 15, 2019 at 12:08:16PM -0400, Chris PeBenito wrote:
On 6/10/19 10:20 AM, Alexander Miroshnichenko wrote:

+allow lldpd_t self:process { fork signal_perms };
+allow lldpd_t self:fifo_file rw_fifo_file_perms;
+allow lldpd_t self:unix_stream_socket { accept listen };
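
Review bot: The self:unix_stream_socket rule grants only accept and listen, so on its own it does not cover creating or binding the stream socket that lldpd_t listens on; those permissions have to come from elsewhere in the policy. Consider replacing { accept listen } with create_stream_socket_perms so the rule is complete by itself and does not silently depend on an unrelated interface continuing to grant the rest.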

These perms should probably be create_stream_socket_perms.

The other permissions are already provided with logging_send_syslog_msg() so would be redundant.

This is true. However, the syslog socket is not the only socket in use. Since it also listens on its own stream socket, the create_stream_socket_perms more clearly shows the intent.


--
Chris PeBenito


