diff options
author | Chris PeBenito <Christopher.PeBenito@microsoft.com> | 2022-05-23 14:44:39 +0000 |
---|---|---|
committer | Jason Zaman <perfinion@gentoo.org> | 2022-09-03 11:41:55 -0700 |
commit | a8f1e09afea4183f10235b8d39d23f4e5cd9b93b (patch) | |
tree | 7f76cadc7eae8d972403edc0ede9122d2066868a | |
parent | storage: Add fc for /dev/ng*n* devices. (diff) | |
download | hardened-refpolicy-a8f1e09afea4183f10235b8d39d23f4e5cd9b93b.tar.gz hardened-refpolicy-a8f1e09afea4183f10235b8d39d23f4e5cd9b93b.tar.bz2 hardened-refpolicy-a8f1e09afea4183f10235b8d39d23f4e5cd9b93b.zip |
files: Add prerequisite access for files_mounton_non_security().
Signed-off-by: Chris PeBenito <Christopher.PeBenito@microsoft.com>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
-rw-r--r-- | policy/modules/kernel/files.if | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if index 5a9679092..1200df800 100644 --- a/policy/modules/kernel/files.if +++ b/policy/modules/kernel/files.if @@ -568,8 +568,8 @@ interface(`files_mounton_non_security',` attribute non_security_file_type; ') - allow $1 non_security_file_type:dir mounton; - allow $1 non_security_file_type:file mounton; + allow $1 non_security_file_type:dir { getattr search mounton }; + allow $1 non_security_file_type:file { getattr mounton }; ') ######################################## |