Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/policy/modules/services/postgresql.te
diff options
context:
space:
mode:
authorSven Vermeulen <sven.vermeulen@siphos.be>2012-09-08 18:03:45 +0200
committerSven Vermeulen <sven.vermeulen@siphos.be>2012-09-08 18:03:45 +0200
commitd5279a76dc5dc81f060346992cacfae8b96ada36 (patch)
tree1468c094b00cfce883b5b2e33fcf68695fa6563f /policy/modules/services/postgresql.te
parentDeclare a loop control device node type and label /dev/loop-control accordingly (diff)
downloadhardened-refpolicy-d5279a76dc5dc81f060346992cacfae8b96ada36.tar.gz
hardened-refpolicy-d5279a76dc5dc81f060346992cacfae8b96ada36.tar.bz2
hardened-refpolicy-d5279a76dc5dc81f060346992cacfae8b96ada36.zip
All booleans are by default off
Diffstat (limited to 'policy/modules/services/postgresql.te')
-rw-r--r--policy/modules/services/postgresql.te6
1 files changed, 3 insertions, 3 deletions
diff --git a/policy/modules/services/postgresql.te b/policy/modules/services/postgresql.te
index b49c9290..0617c72f 100644
--- a/policy/modules/services/postgresql.te
+++ b/policy/modules/services/postgresql.te
@@ -1,4 +1,4 @@
-policy_module(postgresql, 1.15.0)
+policy_module(postgresql, 1.15.2)
gen_require(`
class db_database all_db_database_perms;
@@ -23,7 +23,7 @@ gen_require(`
## Allow unprived users to execute DDL statement
## </p>
## </desc>
-gen_tunable(sepgsql_enable_users_ddl, true)
+gen_tunable(sepgsql_enable_users_ddl, false)
## <desc>
## <p>
@@ -37,7 +37,7 @@ gen_tunable(sepgsql_transmit_client_label, false)
## Allow database admins to execute DML statement
## </p>
## </desc>
-gen_tunable(sepgsql_unconfined_dbadm, true)
+gen_tunable(sepgsql_unconfined_dbadm, false)
type postgresql_t;
type postgresql_exec_t;