Skip to content
Snippets Groups Projects
Commit 035140d9 authored by Lucas Duffey's avatar Lucas Duffey Committed by android-build-merger
Browse files

Merge "remove setuid SELinux capability for racoon." am: d68aae65 am: 351ba2c8 

am: d7cb7ff4

Change-Id: Iaa0c92775ab446010409cf784790763542cd4d48
parents 435ed86f d7cb7ff4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
public/racoon.te
+ 1
1
View file @ 035140d9
...@@ -15,7 +15,7 @@ allow racoon kernel:system module_request; ...@@ -15,7 +15,7 @@ allow racoon kernel:system module_request;
allow racoon self:key_socket create_socket_perms_no_ioctl; allow racoon self:key_socket create_socket_perms_no_ioctl;
allow racoon self:tun_socket create_socket_perms_no_ioctl; allow racoon self:tun_socket create_socket_perms_no_ioctl;
allow racoon self:capability { net_admin net_bind_service net_raw setuid }; allow racoon self:capability { net_admin net_bind_service net_raw };
# XXX: should we give ip-up-vpn its own label (currently racoon domain) # XXX: should we give ip-up-vpn its own label (currently racoon domain)
allow racoon system_file:file rx_file_perms; allow racoon system_file:file rx_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment