fix process object class assertion for hierarchy

This commit is contained in:
Chris PeBenito 2006-02-10 14:21:16 +00:00
parent 4ef7567839
commit e0dfbdf15f
1 changed files with 1 additions and 3 deletions

View File

@ -63,7 +63,5 @@ attribute cron_job_domain;
# SELinux identity and role change constraints # SELinux identity and role change constraints
attribute process_uncond_exempt; # add userhelperdomain to this one attribute process_uncond_exempt; # add userhelperdomain to this one
# TODO: neverallow { domain unlabeled_t } ~{ domain unlabeled_t }:process *;
# cjp: also need to except correctly for SEFramework
neverallow { domain unlabeled_t } file_type:process *;
neverallow ~{ domain unlabeled_t } *:process *; neverallow ~{ domain unlabeled_t } *:process *;