commit: 66b4c46a4baa68f44abe07f11ac607c6303c774b
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Sun Aug 7 21:07:52 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Aug 13 18:23:03 2016 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=66b4c46a
Add module_load permission to class system
The "module_load" permission has been recently added to the "system"
class (kernel 4.7).
The following patch updates the Reference Policy so that the new
permission can be used to create SELinux policies.
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/flask/access_vectors | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
index 1d045b4..77cbf1f 100644
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@@ -448,6 +448,7 @@ class system
syslog_mod
syslog_console
module_request
+ module_load
# these are overloaded userspace
# permissions from systemd
