rpms/icecream/F-11 icecream.spec,1.22,1.23 icecream.te,1.9,1.10
Michal Schmidt
michich at fedoraproject.org
Tue Aug 18 21:50:11 UTC 2009
- Previous message (by thread): rpms/icecream/devel icecream.spec,1.23,1.24 icecream.te,1.9,1.10
- Next message (by thread): devel/shorewall .cvsignore, 1.57, 1.58 shorewall.spec, 1.87, 1.88 sources, 1.57, 1.58
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: michich
Update of /cvs/pkgs/rpms/icecream/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3234
Modified Files:
icecream.spec icecream.te
Log Message:
* Mon Aug 17 2009 Michal Schmidt <mschmidt at redhat.com> 0.9.4-4
- SELinux policy: Allow untrusted binaries to getattr all filesystems.
(BSD process accounting does vfs_getattr() to check disk space.)
Index: icecream.spec
===================================================================
RCS file: /cvs/pkgs/rpms/icecream/F-11/icecream.spec,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -p -r1.22 -r1.23
--- icecream.spec 15 Aug 2009 21:41:45 -0000 1.22
+++ icecream.spec 18 Aug 2009 21:50:11 -0000 1.23
@@ -11,7 +11,7 @@
Name: icecream
Version: 0.9.4
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: Distributed compiler
Group: Development/Tools
@@ -233,6 +233,10 @@ rm -rf %{buildroot}
%{_libdir}/pkgconfig/icecc.pc
%changelog
+* Mon Aug 17 2009 Michal Schmidt <mschmidt at redhat.com> 0.9.4-4
+- SELinux policy: Allow untrusted binaries to getattr all filesystems.
+ (BSD process accounting does vfs_getattr() to check disk space.)
+
* Fri Aug 14 2009 Michal Schmidt <mschmidt at redhat.com> 0.9.4-3
- Create the logfile for the scheduler in the initscript.
- Allow the scheduler to write to the log in the SELinux policy (BZ#517251).
Index: icecream.te
===================================================================
RCS file: /cvs/pkgs/rpms/icecream/F-11/icecream.te,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -p -r1.9 -r1.10
--- icecream.te 15 Aug 2009 21:41:45 -0000 1.9
+++ icecream.te 18 Aug 2009 21:50:11 -0000 1.10
@@ -1,5 +1,5 @@
-policy_module(icecream,0.1.3)
+policy_module(icecream,0.1.4)
########################################
#
@@ -183,6 +183,8 @@ manage_files_pattern(iceccd_untrusted_t,
can_exec(iceccd_untrusted_t, iceccd_cache_t)
+fs_getattr_all_fs(iceccd_untrusted_t)
+
########################################
#
# icecc_scheduler policy
- Previous message (by thread): rpms/icecream/devel icecream.spec,1.23,1.24 icecream.te,1.9,1.10
- Next message (by thread): devel/shorewall .cvsignore, 1.57, 1.58 shorewall.spec, 1.87, 1.88 sources, 1.57, 1.58
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list