Skip to content
Snippets Groups Projects
Commit 74ddf301 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

neverallow mounton lnk_file fifo_file sock_file 

Add a compile time assertion that no SELinux rule exists which
allows mounting on top of symbolic links, fifo files, or socket
files. Remove the capability from unconfined domains.

Change-Id: I6d7cc95cd17e2e5f165fa5948563800ed206bb71
parent 68a8f780
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment