RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

gpg: don't allow gpg-agent to read /proc/kcore 

This was probably a typo and shouldn't have been merged.

Signed-off-by: bauen1 <j2468h@gmail.com>
This commit is contained in:
bauen1 2020-06-07 21:35:07 +02:00
parent 083e5d1d58
commit cb2d84b0d1
No known key found for this signature in database
GPG Key ID: FF0AAF5E0812BA9C
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/apps/gpg.te
View File

@ -244,7 +244,6 @@ filetrans_pattern(gpg_agent_t, gpg_runtime_t, gpg_agent_tmp_t, sock_file)
domtrans_pattern(gpg_agent_t, gpg_pinentry_exec_t, gpg_pinentry_t) domtrans_pattern(gpg_agent_t, gpg_pinentry_exec_t, gpg_pinentry_t)
kernel_dontaudit_search_sysctl(gpg_agent_t) kernel_dontaudit_search_sysctl(gpg_agent_t)
kernel_read_core_if(gpg_agent_t)
kernel_read_crypto_sysctls(gpg_agent_t) kernel_read_crypto_sysctls(gpg_agent_t)
kernel_read_system_state(gpg_agent_t) kernel_read_system_state(gpg_agent_t)