RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Let the user list noxattr fs directories 

When reading or managing noxattr fs files or symbolic links, also
let the user list noxattr fs directories.

This patch should be applied after the following one:

http://oss.tresys.com/pipermail/refpolicy/2016-October/008539.html

"Let users read/manage symlinks on fs that do not support xattr"

posted on Sat, 29 Oct 2016 15:39:46 UTC.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
This commit is contained in:
Guido Trentalancia via refpolicy 2016-10-30 00:01:47 +02:00 committed by Chris PeBenito
parent bf5f1853f3
commit b7f5fa6ac7
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
policy/modules/kernel/filesystem.if
View File

@ -1179,6 +1179,7 @@ interface(`fs_read_noxattr_fs_files',`
attribute noxattrfs;
')
fs_list_noxattr_fs($1)
read_files_pattern($1, noxattrfs, noxattrfs)
')
@ -1234,6 +1235,7 @@ interface(`fs_manage_noxattr_fs_files',`
attribute noxattrfs;
')
fs_list_noxattr_fs($1)
manage_files_pattern($1, noxattrfs, noxattrfs)
')
@ -1252,6 +1254,7 @@ interface(`fs_read_noxattr_fs_symlinks',`
attribute noxattrfs;
')
fs_list_noxattr_fs($1)
read_lnk_files_pattern($1, noxattrfs, noxattrfs)
')
@ -1270,6 +1273,7 @@ interface(`fs_manage_noxattr_fs_symlinks',`
attribute noxattrfs;
')
fs_list_noxattr_fs($1)
manage_lnk_files_pattern($1, noxattrfs, noxattrfs)
')