[refpolicy] [PATCH 3/8] Label systemd-journald files and directories
nicolas.iooss at m4x.org
Fri Aug 29 15:43:29 EDT 2014
2014-08-25 14:32 GMT+02:00 Christopher J. PeBenito:
> On 8/23/2014 11:41 AM, Nicolas Iooss wrote:
> > (a) refpolicy already supports reading devlog_t symlinks .
> It a vestige of the NSA example policy. Since we don't label the
> symlink devlog_t anymore, we should remove the rules.
Actually it seems that this rule has been added a few days after the
initial SVN import, by commit 5a9522111548 ("add devlog_t symlink to
loggers") . If the arguments which explain this commit from 2005 no
longer apply, I agree we should remove this rule to prevent future
More information about the refpolicy