PERFORCE change 113431 for review

Todd Miller millert at FreeBSD.org
Mon Jan 22 20:23:07 UTC 2007


http://perforce.freebsd.org/chv.cgi?CH=113431

Change 113431 by millert at millert_macbook on 2007/01/22 20:22:25

	Allow configd to execute modules.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/configd.te#20 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/refpolicy/policy/modules/darwin/configd.te#20 (text+ko) ====

@@ -129,7 +129,7 @@
 
 # Allow configd to load kexts
 allow configd_t modules_object_t:dir { read search };
-allow configd_t modules_object_t:file { read getattr };
+allow configd_t modules_object_t:file { read getattr execute };
 
 # Allow configd to run ifconfig
 allow configd_t ifconfig_exec_t:file { execute_no_trans getattr read };


More information about the trustedbsd-cvs mailing list