Skip to content
Snippets Groups Projects
Select Git revision
  • test default
1 result
Blame History Permalink
  • Nick Kralevich's avatar
    neverallow mounton lnk_file fifo_file sock_file · 74ddf301
    Nick Kralevich authored 
    Add a compile time assertion that no SELinux rule exists which
allows mounting on top of symbolic links, fifo files, or socket
files. Remove the capability from unconfined domains.

Change-Id: I6d7cc95cd17e2e5f165fa5948563800ed206bb71
    74ddf301