nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a42ff404bd
selinux-refpolicy/policy/modules
History
Luis Ressel a42ff404bd services/ssh: Don't audit accesses from ssh_t to /dev/random 
OpenSSL 1.1 always opens both /dev/urandom and /dev/random, which
generates spurious denial messages for ssh_t, ssh_keygen_t and probably
various other domains too.

The code only uses /dev/random as a fallback and can cope with an open()
failure just fine, so I'm dontauditing the access. However, I don't have
strong feelings about this -- if someone would prefer to allow these
accesses instead, I'd be okay with that too.
2018-10-27 14:56:34 -04:00
..
admin logrotate: Module version bump. 2018-10-13 13:39:18 -04:00
apps mozilla, devices, selinux, xserver, init, iptables: Module version bump. 2018-07-10 20:11:40 -04:00
kernel Remove unused translate permission in context userspace class. 2018-10-13 13:39:18 -04:00
roles Move all files out of the old contrib directory. 2018-06-23 10:38:58 -04:00
services services/ssh: Don't audit accesses from ssh_t to /dev/random 2018-10-27 14:56:34 -04:00
system miscfiles: Module version bump. 2018-10-14 13:55:21 -04:00