blob: 5118ef81a2e8c87b3822bbd353339e35c2db500f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
From 6d6e2d34ec63771a01ef258c98f1ad49efdc2f67 Mon Sep 17 00:00:00 2001
From: Roy Li <rongqing.li@windriver.com>
Date: Sat, 22 Feb 2014 13:35:38 +0800
Subject: [PATCH] policy/modules/system/setrans: allow setrans_t use fd at any
level
Upstream-Status: Inappropriate [embedded specific]
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
policy/modules/system/setrans.te | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/system/setrans.te b/policy/modules/system/setrans.te
index 12e66aad9..5510f7fac 100644
--- a/policy/modules/system/setrans.te
+++ b/policy/modules/system/setrans.te
@@ -69,6 +69,8 @@ mls_net_receive_all_levels(setrans_t)
mls_socket_write_all_levels(setrans_t)
mls_process_read_all_levels(setrans_t)
mls_socket_read_all_levels(setrans_t)
+mls_fd_use_all_levels(setrans_t)
+mls_trusted_object(setrans_t)
selinux_compute_access_vector(setrans_t)
--
2.25.1
|
