RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix auth_domtrans_chk_passwd to use read_file_perms to surpress open AVC denials. 

Signed-off-by: Dominick Grift <domg472@gmail.com>
Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
This commit is contained in:
Dominick Grift 2010-03-01 18:47:51 +01:00 committed by Chris PeBenito
parent 7cf2858e4a
commit 03dd57fe7b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/system/authlogin.if
View File

@ -300,7 +300,7 @@ interface(`auth_domtrans_chk_passwd',`
corecmd_search_bin($1)
domtrans_pattern($1, chkpwd_exec_t, chkpwd_t)
dontaudit $1 shadow_t:file { getattr read };
dontaudit $1 shadow_t:file read_file_perms;
dev_read_rand($1)
dev_read_urand($1)