trunk: additional patch from kaigai to fix up some type transitions for unpriv clients.

This commit is contained in:
Chris PeBenito 2008-06-13 13:33:36 +00:00
parent e8cb08aefa
commit 8e7d43c8ac

View File

@ -340,18 +340,17 @@ interface(`postgresql_unpriv_client',`
class db_blob all_db_blob_perms;
attribute sepgsql_client_type;
attribute sepgsql_database_type;
type sepgsql_table_t, sepgsql_proc_t, sepgsql_blob_t;
type sepgsql_db_t, sepgsql_table_t, sepgsql_proc_t, sepgsql_blob_t;
type sepgsql_trusted_proc_t, sepgsql_trusted_domain_t;
')
typeattribute $1 sepgsql_client_type;
type_transition $1 sepgsql_database_type:db_table sepgsql_table_t;
type_transition $1 sepgsql_database_type:db_procedure sepgsql_proc_t;
type_transition $1 sepgsql_database_type:db_blob sepgsql_blob_t;
type_transition $1 sepgsql_db_t:db_table sepgsql_table_t;
type_transition $1 sepgsql_db_t:db_procedure sepgsql_proc_t;
type_transition $1 sepgsql_db_t:db_blob sepgsql_blob_t;
type_transition $1 sepgsql_trusted_proc_t:process sepgsql_trusted_domain_t;
allow $1 sepgsql_trusted_domain_t:process transition;