[refpolicy] Add Open to sock_file patch

Christopher J. PeBenito cpebenito at tresys.com
Wed Mar 11 10:22:40 CDT 2009


On Thu, 2009-03-05 at 15:34 -0500, Daniel J Walsh wrote:
> --- nsaserefpolicy/policy/flask/access_vectors  2009-03-05 10:02:34.000000000 -0500
> +++ serefpolicy-3.6.8/policy/flask/access_vectors       2009-03-05 15:26:58.000000000 -0500
> @@ -157,6 +157,9 @@
>  
>  class sock_file
>  inherits file
> +{
> +       open
> +}
>  
>  class fifo_file
>  inherits file
> --- nsaserefpolicy/policy/support/obj_perm_sets.spt     2008-10-16 17:21:16.000000000 -0400
> +++ serefpolicy-3.6.8/policy/support/obj_perm_sets.spt  2009-03-05 15:27:08.000000000 -0500
> @@ -252,13 +252,13 @@
>  #
>  define(`getattr_sock_file_perms',`{ getattr }')
>  define(`setattr_sock_file_perms',`{ setattr }')
> -define(`read_sock_file_perms',`{ getattr read }')
> -define(`write_sock_file_perms',`{ getattr write append }')
> -define(`rw_sock_file_perms',`{ getattr read write append }')
> -define(`create_sock_file_perms',`{ getattr create }')
> +define(`read_sock_file_perms',`{ getattr open read }')
> +define(`write_sock_file_perms',`{ getattr write open append }')
> +define(`rw_sock_file_perms',`{ getattr open read write append }')
> +define(`create_sock_file_perms',`{ getattr create open }')
>  define(`rename_sock_file_perms',`{ getattr rename }')
>  define(`delete_sock_file_perms',`{ getattr unlink }')
> -define(`manage_sock_file_perms',`{ create getattr setattr read write rename link unlink ioctl lock append }')
> +define(`manage_sock_file_perms',`{ create open getattr setattr read write rename link unlink ioctl lock append }')
>  define(`relabelfrom_sock_file_perms',`{ getattr relabelfrom }')
>  define(`relabelto_sock_file_perms',`{ getattr relabelto }')
>  define(`relabel_sock_file_perms',`{ getattr relabelfrom relabelto }')

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



More information about the refpolicy mailing list