nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8f7064490d
selinux-refpolicy/policy/modules
History
Guido Trentalancia 8f7064490d The pulseaudio daemon and client do not normally need to use 
the network for most computer systems that need to play and
record audio.

So, network access by pulseaudio should normally be restricted.

This patch restricts all network access by using tunable policy
and a new boolean to control it.

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
---
 policy/modules/apps/pulseaudio.te |   47 ++++++++++++++++++++++++--------------
 1 file changed, 30 insertions(+), 17 deletions(-)
2023-04-05 16:06:19 +02:00
..
admin Merge pull request #603 from 0xC0ncord/various-20230224 2023-03-13 09:18:13 -04:00
apps The pulseaudio daemon and client do not normally need to use 2023-04-05 16:06:19 +02:00
kernel fs, init: allow systemd-init to set the attributes of efivarfs files 2023-03-10 15:10:59 -05:00
roles init, sysadm: allow sysadm to manage systemd runtime units 2022-12-12 10:32:10 -05:00
services kubernetes: allow kubelet to read etc runtime files 2023-03-10 15:10:59 -05:00
system systemd: allow systemd-resolved to search directories on tmpfs and ramfs 2023-03-15 10:57:55 +08:00