From 59bc00ab898bc4d06593051b0fe4e702ca2569e2 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Fri, 3 Oct 2014 09:19:26 -0400
Subject: [PATCH] Remove net_domain() from isolated_app.

isolated_app performs no direct network socket communication, so
we can remove net_domain() from it.

Change-Id: I112aa4140fd577a5ea28f7a3d62567ebabcdb48d
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
 isolated_app.te | 1 -
 1 file changed, 1 deletion(-)

diff --git a/isolated_app.te b/isolated_app.te
index 0629ab3cf..f17372aec 100644
--- a/isolated_app.te
+++ b/isolated_app.te
@@ -11,7 +11,6 @@
 
 type isolated_app, domain;
 app_domain(isolated_app)
-net_domain(isolated_app)
 
 # Isolated apps shouldn't be able to access the driver directly.
 neverallow isolated_app gpu_device:file { rw_file_perms execute };
-- 
GitLab