diff options
author | Chris PeBenito <pebenito@ieee.org> | 2017-08-05 12:13:21 -0400 |
---|---|---|
committer | Luis Ressel <aranea@aixah.de> | 2017-09-09 00:09:59 +0200 |
commit | a95cea402e4a0cb818028475db4c227f71193f13 (patch) | |
tree | c102afd0ae34118dc8595140679e07fd5aaddbb4 /policy/flask | |
parent | Enable extended_socket_class policy capability; (diff) | |
download | hardened-refpolicy-a95cea402e4a0cb818028475db4c227f71193f13.tar.gz hardened-refpolicy-a95cea402e4a0cb818028475db4c227f71193f13.tar.bz2 hardened-refpolicy-a95cea402e4a0cb818028475db4c227f71193f13.zip |
Add nnp_nosuid_transition policycap and related class/perm definitions.
Diffstat (limited to 'policy/flask')
-rw-r--r-- | policy/flask/access_vectors | 5 | ||||
-rw-r--r-- | policy/flask/security_classes | 2 |
2 files changed, 7 insertions, 0 deletions
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors index 5d539e95..9c9db71b 100644 --- a/policy/flask/access_vectors +++ b/policy/flask/access_vectors @@ -388,6 +388,11 @@ class process getrlimit } +class process2 +{ + nnp_transition + nosuid_transition +} # # Define the access vector interpretation for ipc-related objects diff --git a/policy/flask/security_classes b/policy/flask/security_classes index ce3268da..3ff1b72d 100644 --- a/policy/flask/security_classes +++ b/policy/flask/security_classes @@ -188,4 +188,6 @@ class kcm_socket class qipcrtr_socket class smc_socket +class process2 + # FLASK |