PERFORCE change 81010 for review
Andrew Reisse
areisse at FreeBSD.org
Tue Jul 26 13:35:40 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=81010
Change 81010 by areisse at areisse_tislabs on 2005/07/26 13:34:49
Set fs_type on device_t instead of an extra rule for mounting device_t.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/mount.te#5 edit
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/types/device.te#6 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/domains/program/mount.te#5 (text+ko) ====
@@ -46,9 +46,6 @@
# for when /etc/mtab loses its type
allow mount_t file_t:file { getattr read unlink };
-# device_t is also used as a fs_type in freebsd
-allow mount_t device_t:filesystem mount_fs_perms;
-
# Mount, remount and unmount file systems.
allow mount_t fs_type:filesystem mount_fs_perms;
allow mount_t default_t:dir mounton;
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/policy/types/device.te#6 (text+ko) ====
@@ -10,7 +10,7 @@
#
# device_t is the type of /dev.
#
-type device_t, file_type;
+type device_t, file_type, fs_type;
#
# null_device_t is the type of /dev/null.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list