nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mcs: Add missing process permission constraints. 

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
This commit is contained in:
Chris PeBenito 2022-06-23 15:06:27 -04:00
parent a4b870f71b
commit ab2f8d35f1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/mcs
View File

@ -83,7 +83,7 @@ mlsconstrain { file lnk_file fifo_file } { create relabelto }
( t1 != mcs_constrained_type ));
mlsconstrain process { transition dyntransition ptrace sigkill sigstop signal }
mlsconstrain process { transition dyntransition ptrace sigkill sigstop signal getsession getattr getsched setsched getrlimit setrlimit getpgid setpgid getcap setcap share setexec setfscreate setcurrent setsockcreate }
(( h1 dom h2 ) or ( t1 != mcs_constrained_type ));
mlsconstrain socket_class_set { create ioctl read write setattr append bind connect getopt setopt shutdown }