Re: [PATCH 1/1] installd unlink platform_app_data_file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Could you update the patch to branches? Thanks. 

On Fri, Jul 27, 2012 at 11:52 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
On Fri, 2012-07-27 at 11:44 -0700, Haiqing Jiang wrote:
> ---
>  installd.te |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/installd.te b/installd.te
> index ce9122b..a2c7bb4 100644
> --- a/installd.te
> +++ b/installd.te
> @@ -20,5 +20,6 @@ dontaudit installd self:capability sys_admin;
>  selinux_check_context(installd)
>  # Read /seapp_contexts, presently on the rootfs.
>  allow installd rootfs:file r_file_perms;
> -# Unlink app_data_file
> +# Unlink app_data_file and platform_app_data_file
>  allow installd app_data_file:lnk_file unlink;
> +allow installd platform_app_data_file:lnk_file unlink;

Just add lnk_file to the earlier rule for data_file_type and drop these
two rules altogether.

--
Stephen Smalley
National Security Agency




--
-----------------------------------
Haiqing Jiang, PH.D student

Computer Science Department, North Carolina State University


[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux