Untrusted_app gets route information

author: Haiqing Jiang <hqjiang1988@gmail.com> 2012-07-30 13:51:16 -0700
committer: Stephen Smalley <sds@tycho.nsa.gov> 2012-07-30 16:54:24 -0400
commit: 901cc36664399f5803c64bd5a26932807d6749aa (patch)
tree: ffa264da270fc1f1b585f4523f8e292fb24fb507
parent: c70dc4e3c745e3e63b2186b78adc96ccb71bd120 (diff)
download: sepolicy-901cc36664399f5803c64bd5a26932807d6749aa.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/app.te b/app.te
index 9324a6d..f844221 100644
--- a/app.te
+++ b/app.te
@@ -102,6 +102,8 @@ allow untrusted_app node_type:{ tcp_socket udp_socket } node_bind;
 allow untrusted_app port_type:udp_socket name_bind;
 allow untrusted_app port_type:tcp_socket name_bind;
 unix_socket_connect(untrusted_app, dnsproxyd, netd)
+# Get route information.
+allow untrusted_app self:netlink_route_socket { create bind read nlmsg_read };
 }
 # Bluetooth access.
 bool app_bluetooth false;
author	Haiqing Jiang <hqjiang1988@gmail.com>	2012-07-30 13:51:16 -0700
committer	Stephen Smalley <sds@tycho.nsa.gov>	2012-07-30 16:54:24 -0400
commit	901cc36664399f5803c64bd5a26932807d6749aa (patch)
tree	ffa264da270fc1f1b585f4523f8e292fb24fb507
parent	c70dc4e3c745e3e63b2186b78adc96ccb71bd120 (diff)
download	sepolicy-901cc36664399f5803c64bd5a26932807d6749aa.tar.gz