blob: f9ba1f3393e297d97908ca101b93682df46ef220 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
policy_module(upload_cgi,1.2.0)
require {
type httpd_git_script_t;
type git_script_tmp_t;
type git_script_t;
type nfs_t;
}
files_tmp_file(git_script_tmp_t)
allow httpd_git_script_t git_script_tmp_t:file manage_file_perms;
# Do not audit attempts to read the process state (/proc/pid) of all domains.
domain_read_all_domains_state(httpd_git_script_t);
# List the contents of the sysfs directories.
dev_list_sysfs(httpd_git_script_t);
# Allow sending logs to syslog
logging_send_syslog_msg(httpd_git_script_t);
# Get the attributes of all pty device nodes.
term_getattr_all_ptys(httpd_git_script_t);
# Get the attributes of all tty device nodes.
term_getattr_all_ttys(httpd_git_script_t);
# Do not audit attempts to get the attributes of generic pty devices.
term_dontaudit_getattr_generic_ptys(httpd_git_script_t);
|
