* cpuspeed wants to write to sysfs_dirs
@ 2007-03-23 19:19 Daniel J Walsh
2007-03-28 18:19 ` Christopher J. PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: Daniel J Walsh @ 2007-03-23 19:19 UTC (permalink / raw)
To: Christopher J. PeBenito, SE Linux
[-- Attachment #1: Type: text/plain, Size: 1 bytes --]
[-- Attachment #2: write_sysfs_dirs.patch --]
[-- Type: text/x-patch, Size: 1066 bytes --]
--- nsaserefpolicy/policy/modules/kernel/devices.if 2007-01-02 12:57:13.000000000 -0500
+++ serefpolicy-2.5.10/policy/modules/kernel/devices.if 2007-03-22 15:06:58.000000000 -0400
@@ -2449,6 +2449,24 @@
########################################
## <summary>
+## Write in a sysfs directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## The type of the process performing this action.
+## </summary>
+## </param>
+#
+interface(`dev_write_sysfs_dirs',`
+ gen_require(`
+ type sysfs_t;
+ ')
+
+ allow $1 sysfs_t:dir write;
+')
+
+########################################
+## <summary>
## Search the sysfs directories.
## </summary>
## <param name="domain">
--- nsaserefpolicy/policy/modules/services/cpucontrol.te 2007-01-02 12:57:43.000000000 -0500
+++ serefpolicy-2.5.10/policy/modules/services/cpucontrol.te 2007-03-22 15:06:59.000000000 -0400
@@ -91,6 +91,7 @@
kernel_read_system_state(cpuspeed_t)
kernel_read_kernel_sysctls(cpuspeed_t)
+dev_write_sysfs_dirs(cpuspeed_t)
dev_rw_sysfs(cpuspeed_t)
domain_use_interactive_fds(cpuspeed_t)
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: cpuspeed wants to write to sysfs_dirs
2007-03-23 19:19 cpuspeed wants to write to sysfs_dirs Daniel J Walsh
@ 2007-03-28 18:19 ` Christopher J. PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2007-03-28 18:19 UTC (permalink / raw)
To: Daniel J Walsh; +Cc: SE Linux
Dupe. Already merged.
On Fri, 2007-03-23 at 15:19 -0400, Daniel J Walsh wrote:
> --- nsaserefpolicy/policy/modules/kernel/devices.if 2007-01-02 12:57:13.000000000 -0500
> +++ serefpolicy-2.5.10/policy/modules/kernel/devices.if 2007-03-22 15:06:58.000000000 -0400
> @@ -2449,6 +2449,24 @@
>
> ########################################
> ## <summary>
> +## Write in a sysfs directories.
> +## </summary>
> +## <param name="domain">
> +## <summary>
> +## The type of the process performing this action.
> +## </summary>
> +## </param>
> +#
> +interface(`dev_write_sysfs_dirs',`
> + gen_require(`
> + type sysfs_t;
> + ')
> +
> + allow $1 sysfs_t:dir write;
> +')
> +
> +########################################
> +## <summary>
> ## Search the sysfs directories.
> ## </summary>
> ## <param name="domain">
> --- nsaserefpolicy/policy/modules/services/cpucontrol.te 2007-01-02 12:57:43.000000000 -0500
> +++ serefpolicy-2.5.10/policy/modules/services/cpucontrol.te 2007-03-22 15:06:59.000000000 -0400
> @@ -91,6 +91,7 @@
> kernel_read_system_state(cpuspeed_t)
> kernel_read_kernel_sysctls(cpuspeed_t)
>
> +dev_write_sysfs_dirs(cpuspeed_t)
> dev_rw_sysfs(cpuspeed_t)
>
> domain_use_interactive_fds(cpuspeed_t)
>
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-03-28 18:19 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-03-23 19:19 cpuspeed wants to write to sysfs_dirs Daniel J Walsh
2007-03-28 18:19 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.