diff options
Diffstat (limited to 'passenger.te')
| -rw-r--r-- | passenger.te | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/passenger.te b/passenger.te index 949dc89..674e348 100644 --- a/passenger.te +++ b/passenger.te @@ -40,7 +40,7 @@ optional_policy(` # Apache mod_passanger local policy # -allow passenger_t self:capability { setuid setgid dac_override }; +allow passenger_t self:capability { dac_override fsetid fowner chown setuid setgid }; allow passenger_t self:process signal; allow passenger_t self:fifo_file rw_fifo_file_perms; @@ -59,6 +59,7 @@ kernel_read_system_state(passenger_t) kernel_read_kernel_sysctls(passenger_t) corecmd_exec_bin(passenger_t) +corecmd_exec_shellpassenger_t) dev_read_urand(passenger_t) |