Ticket #42: exim-missing-perms.patch
|
File exim-missing-perms.patch, 0.9 kB
(added by aqua, 1 year ago)
|
Adds missing entropy access, dontaudit on proc_t, TCP authorizations
|
-
exim.te
| old |
new |
|
| 65 | 65 | manage_files_pattern(exim_t, exim_var_run_t, exim_var_run_t) |
|---|
| 66 | 66 | files_pid_filetrans(exim_t, exim_var_run_t, { file dir }) |
|---|
| 67 | 67 | |
|---|
| | 68 | dev_read_rand(exim_t) |
|---|
| | 69 | dev_read_urand(exim_t) |
|---|
| | 70 | |
|---|
| 68 | 71 | kernel_read_kernel_sysctls(exim_t) |
|---|
| 69 | 72 | |
|---|
| | 73 | kernel_dontaudit_read_system_state(exim_t) |
|---|
| | 74 | |
|---|
| 70 | 75 | corecmd_search_bin(exim_t) |
|---|
| 71 | 76 | |
|---|
| 72 | 77 | corenet_all_recvfrom_unlabeled(exim_t) |
|---|
| 73 | 78 | corenet_tcp_sendrecv_all_if(exim_t) |
|---|
| 74 | 79 | corenet_tcp_sendrecv_all_nodes(exim_t) |
|---|
| 75 | 80 | corenet_tcp_sendrecv_all_ports(exim_t) |
|---|
| | 81 | corenet_tcp_sendrecv_smtp_port(exim_t) |
|---|
| | 82 | corenet_tcp_sendrecv_auth_port(exim_t) |
|---|
| 76 | 83 | corenet_tcp_bind_all_nodes(exim_t) |
|---|
| 77 | 84 | corenet_tcp_bind_smtp_port(exim_t) |
|---|
| 78 | 85 | corenet_tcp_bind_amavisd_send_port(exim_t) |
|---|
| 79 | 86 | corenet_tcp_connect_auth_port(exim_t) |
|---|
| | 87 | corenet_tcp_connect_smtp_port(exim_t) |
|---|
| 80 | 88 | corenet_tcp_connect_inetd_child_port(exim_t) |
|---|
| 81 | 89 | |
|---|
| 82 | 90 | # Init script handling |
|---|
Download in other formats:
* Generating other formats may take time.
