From cb2d84b0d1f644c733c3c877ef6e2b6026842d88 Mon Sep 17 00:00:00 2001
From: bauen1
Date: Sun, 7 Jun 2020 21:35:07 +0200
Subject: [PATCH] gpg: don't allow gpg-agent to read /proc/kcore

This was probably a typo and shouldn't have been merged.

Signed-off-by: bauen1
---
 policy/modules/apps/gpg.te | 1 -
 1 file changed, 1 deletion(-)

diff --git a/policy/modules/apps/gpg.te b/policy/modules/apps/gpg.te
index 4a8a31ef9..acca807f8 100644
--- a/policy/modules/apps/gpg.te
+++ b/policy/modules/apps/gpg.te
@@ -244,7 +244,6 @@ filetrans_pattern(gpg_agent_t, gpg_runtime_t, gpg_agent_tmp_t, sock_file)
 domtrans_pattern(gpg_agent_t, gpg_pinentry_exec_t, gpg_pinentry_t)
 kernel_dontaudit_search_sysctl(gpg_agent_t)
-kernel_read_core_if(gpg_agent_t)
 kernel_read_crypto_sysctls(gpg_agent_t)
 kernel_read_system_state(gpg_agent_t)