commit: 5f795b817282c2043871c0b527f8406cb5f86db8
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Mon Jan 2 18:11:31 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 18:38:36 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5f795b81
xserver: Update from Russell Coker for boinc.
policy/modules/services/xserver.if | 18 ++++++++++++++++++
policy/modules/services/xserver.te | 2 +-
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/policy/modules/services/xserver.if
b/policy/modules/services/xserver.if
index 59d5821..a054c9c 100644
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@@ -1236,6 +1236,24 @@ interface(`xserver_dontaudit_getattr_xdm_tmp_sockets',`
########################################
## <summary>
+## list xdm_tmp_t directories
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to allow
+## </summary>
+## </param>
+#
+interface(`xserver_list_xdm_tmp',`
+ gen_require(`
+ type xdm_tmp_t;
+ ')
+
+ allow $1 xdm_tmp_t:dir list_dir_perms;
+')
+
+########################################
+## <summary>
## Execute the X server in the X server domain.
## </summary>
## <param name="domain">
diff --git a/policy/modules/services/xserver.te
b/policy/modules/services/xserver.te
index 00fad47..33f0487 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -1,4 +1,4 @@
-policy_module(xserver, 3.12.7)
+policy_module(xserver, 3.12.8)
gen_require(`
class x_drawable all_x_drawable_perms;
