PERFORCE change 44021 for review
Chris Vance
cvance at FreeBSD.org
Wed Dec 17 15:46:00 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=44021
Change 44021 by cvance at cvance_korben on 2003/12/17 07:45:19
More policy cleanups
Affected files ...
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/apache.te#3 add
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/named.te#3 add
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/ssh.te#4 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/ssh.te#4 (text+ko) ====
@@ -14,7 +14,7 @@
allow $1 self:unix_dgram_socket create_socket_perms;
allow $1 self:unix_stream_socket create_stream_socket_perms;
allow $1 self:fifo_file { poll rw_file_perms };
-allow $1 self:process { fork sigchld setsched };
+allow $1 self:process { fork sigchld setsched signal };
allow $1 self:fd *;
# Read system information files in /proc.
@@ -165,6 +165,7 @@
#
# sshd_login_t is the domain of a login process
# spawned by sshd
+read_locale(sshd_login_t);
# Use the pty created by sshd
allow sshd_login_t sshd_devpts_t:chr_file { setattr rw_file_perms poll };
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list