69215f0664
The following patch defines new macros rw_inherited_fifo_file_perms and rw_inherited_term_perms for the obvious reason. I've had this in Debian for a while and some Debian policy relies on it. I think it's appropriate to include this before including any policy that relies on it because it's an obvious foundation for writing good policy. We could have inherited perms macros for other object types, but terminals and fifos are the main ones that get inherited. The next best candidate for such a macro is a sock_file, and that's largely due to systemd setting programs stdout/stderr to unix domain sockets. |
||
|---|---|---|
| .. | ||
| file_patterns.spt | ||
| ipc_patterns.spt | ||
| loadable_module.spt | ||
| misc_macros.spt | ||
| misc_patterns.spt | ||
| mls_mcs_macros.spt | ||
| obj_perm_sets.spt | ||