Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 22 Jan 2007 19:58:00 GMT
From:      Todd Miller <millert@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 113395 for review
Message-ID:  <200701221958.l0MJw0d3085060@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help 
http://perforce.freebsd.org/chv.cgi?CH=113395

Change 113395 by millert@millert_macbook on 2007/01/22 19:57:52

	Allow reading from /System
	
	Allow reading from Frameworks.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/KernelEventAgent.te#5 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/coreaudiod.te#7 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/mDNSResponder.te#5 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/memberd.te#4 edit
.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/update.te#4 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/KernelEventAgent.te#5 (text+ko) ====

@@ -40,3 +40,9 @@
 
 # Talk to securityd
 securityd_allow_ipc(KernelEventAgent_t)
+
+# Use Frameworks
+frameworks_read(KernelEventAgent_t)
+
+# read /System
+darwin_allow_system_read(KernelEventAgent_t)

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/coreaudiod.te#7 (text+ko) ====

@@ -67,3 +67,6 @@
 # Allow reading of /var
 files_read_var_symlinks(coreaudiod_t)
 files_read_var_files(coreaudiod_t)
+
+# read /System
+darwin_allow_system_read(coreaudiod_t)

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/mDNSResponder.te#5 (text+ko) ====

@@ -79,3 +79,6 @@
 
 # Talk to notifyd
 notifyd_allow_ipc(mDNSResponder_t)
+
+# read /System
+darwin_allow_system_read(mDNSResponder_t)

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/memberd.te#4 (text+ko) ====

@@ -55,4 +55,5 @@
 # Talk to WindowServer
 WindowServer_allow_ipc(memberd_t)
 
-
+# read /System
+darwin_allow_system_read(memberd_t)

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/update.te#4 (text+ko) ====

@@ -34,3 +34,5 @@
 # talk to launchd
 init_allow_ipc(update_t)
 
+# read /System
+darwin_allow_system_read(update_t)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701221958.l0MJw0d3085060>