Something went wrong on our end
-
Stephen Smalley authoredRemove write access to rootfs files from unconfineddomain and prevent adding it back via neverallow. This is only applied to regular files, as we are primarily concerned with preventing writing to a file that can be exec'd and because creation of directories or symlinks in the rootfs may be required for mount point directories. Change-Id: If2c96da03f5dd6f56de97131f6ba9eceea328721 Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>Stephen Smalley authoredRemove write access to rootfs files from unconfineddomain and prevent adding it back via neverallow. This is only applied to regular files, as we are primarily concerned with preventing writing to a file that can be exec'd and because creation of directories or symlinks in the rootfs may be required for mount point directories. Change-Id: If2c96da03f5dd6f56de97131f6ba9eceea328721 Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov>
unconfined.te 3.65 KiB