commit: a16a1f6a2712ab32441f676c5bf0041cb8f290db
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Wed Feb 15 23:43:57 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 17 08:38:49 2017 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a16a1f6a
Revert "cups/lpd: read permission for cupsd_var_run_t socket files"
This reverts commit 9995442bb5f249c5d666e66e29308d2f8d201049.
policy/modules/contrib/cups.if | 19 -------------------
policy/modules/contrib/lpd.te | 1 -
2 files changed, 20 deletions(-)
diff --git a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
index 1fb79e2b..bd6b77f4 100644
--- a/policy/modules/contrib/cups.if
+++ b/policy/modules/contrib/cups.if
@@ -129,25 +129,6 @@ interface(`cups_read_pid_files',`
########################################
## <summary>
-## Read cups socket files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`cups_read_sock_files',`
- gen_require(`
- type cupsd_var_run_t;
- ')
-
- files_search_pids($1)
- allow $1 cupsd_var_run_t:sock_file read_sock_file_perms;
-')
-
-########################################
-## <summary>
## Execute cups_config in the
## cups config domain.
## </summary>
diff --git a/policy/modules/contrib/lpd.te b/policy/modules/contrib/lpd.te
index 1343b116..11daaf6c 100644
--- a/policy/modules/contrib/lpd.te
+++ b/policy/modules/contrib/lpd.te
@@ -295,7 +295,6 @@ optional_policy(`
cups_read_config(lpr_t)
cups_stream_connect(lpr_t)
cups_read_pid_files(lpr_t)
- cups_read_sock_files(lpr_t)
')
optional_policy(`
