Remove app_data_file access from unconfineddomain.
Require app_data_file access to be explicitly allowed to each domain. We especially do not want to allow app_data_file:lnk_file read to any privileged domain. But removing app_data_file access in general can be useful in protecting app data from rogue daemons. Change-Id: I46240562bce76579e108495ab15833e143841ad8 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
parent
04b8a75c2f
commit
631a5a8e48
@ -58,6 +58,7 @@ allow unconfineddomain {
|
||||
-exec_type
|
||||
-security_file
|
||||
-shell_data_file
|
||||
-app_data_file
|
||||
}:{ dir lnk_file sock_file fifo_file } ~relabelto;
|
||||
allow unconfineddomain exec_type:dir r_dir_perms;
|
||||
allow unconfineddomain exec_type:file { r_file_perms execute execmod };
|
||||
@ -81,6 +82,7 @@ allow unconfineddomain {
|
||||
-exec_type
|
||||
-security_file
|
||||
-shell_data_file
|
||||
-app_data_file
|
||||
}:{ chr_file file } ~{entrypoint execute_no_trans execmod execute relabelto};
|
||||
allow unconfineddomain rootfs:file execute;
|
||||
allow unconfineddomain contextmount_type:dir r_dir_perms;
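Review bot: The two `-app_data_file` exclusions only narrow the `{ dir lnk_file sock_file fifo_file }` and `{ chr_file file }` rules shown here; any other unconfineddomain rule in this file that is keyed on the broad file attribute rather than this explicit set would still reach app_data_file, so the rest of unconfined.te (outside these hunks) is worth checking so the carve-out is not bypassed. Nothing visible in the hunks adds the explicit per-domain app_data_file rules the description calls for, so domains that previously relied on unconfineddomain for app data access will need their own rules — presumably elsewhere in this change, but that cannot be confirmed from here. The exclusion list carries no rationale, and a later "cleanup" could easily fold app_data_file back in; a one-line comment above the set would anchor the intent: `# app_data_file is granted per-domain; privileged domains must never get lnk_file read on it (symlink following into app data).`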
|
||||
|