[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Sven Vermeulen Tue, 08 Apr 2014 09:02:57 -0700

commit:     1e38c79a38749e559fd12eeddd14eda3ae6ebb8c
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Mar 30 14:09:12 2014 +0000
Commit:     Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Apr  8 15:55:01 2014 +0000
URL:        
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=1e38c79a


dnsmasq reads MTU sysctl

The dnsmasq application reads in the value of the
/proc/sys/net/ipv6/conf/*/mtu values.

This is confirmed through looking at the source code of dnsmasq, in
src/radv.c.

Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>

---
 policy/modules/contrib/dnsmasq.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/contrib/dnsmasq.te 
b/policy/modules/contrib/dnsmasq.te
index f1fdee0..7027424 100644
--- a/policy/modules/contrib/dnsmasq.te
+++ b/policy/modules/contrib/dnsmasq.te
@@ -52,6 +52,7 @@ manage_files_pattern(dnsmasq_t, dnsmasq_var_run_t, 
dnsmasq_var_run_t)
 files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, { dir file })
 
 kernel_read_kernel_sysctls(dnsmasq_t)
+kernel_read_net_sysctls(dnsmasq_t)
 kernel_read_network_state(dnsmasq_t)
 kernel_read_system_state(dnsmasq_t)
 kernel_request_load_module(dnsmasq_t)

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/

Reply via email to