diff options
author | Dominick Grift <dac.override@gmail.com> | 2019-01-14 17:02:56 +0100 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2019-02-10 12:11:25 +0800 |
commit | 225c4ac0012abcfff023e67b10fe4c31fa3a050a (patch) | |
tree | c6213f61df0134389ae387be19f14ca2db8170dd /policy/modules | |
parent | selinuxutil: allow restorecond to read symlinks (diff) | |
download | hardened-refpolicy-225c4ac0012abcfff023e67b10fe4c31fa3a050a.tar.gz hardened-refpolicy-225c4ac0012abcfff023e67b10fe4c31fa3a050a.tar.bz2 hardened-refpolicy-225c4ac0012abcfff023e67b10fe4c31fa3a050a.zip |
unconfined: add a note about DBUS
Addresses https://github.com/SELinuxProject/refpolicy/issues/18
Signed-off-by: Jason Zaman <jason@perfinion.com>
Diffstat (limited to 'policy/modules')
-rw-r--r-- | policy/modules/system/unconfined.if | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/policy/modules/system/unconfined.if b/policy/modules/system/unconfined.if index 565e7129e..ad34a91c8 100644 --- a/policy/modules/system/unconfined.if +++ b/policy/modules/system/unconfined.if @@ -118,6 +118,11 @@ interface(`unconfined_domain_noaudit',` ## <p> ## Only completely trusted domains should use this interface. ## </p> +## <p> +## Does not allow return communications from confined +## domains via message based mechanisms such as dbus or +## SysV message queues. +## </p> ## </desc> ## <param name="domain"> ## <summary> |