* [refpolicy] [PATCH 1/1] Add dropbox_port_t support
@ 2014-06-07 19:44 Sven Vermeulen
2014-06-09 15:02 ` Christopher J. PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: Sven Vermeulen @ 2014-06-07 19:44 UTC (permalink / raw)
To: refpolicy
The dropbox application has a feature called "LAN Sync" which works on
TCP & UDP port 17500. Marking this port as dropbox_port_t (instead of
the currently default unreserved_port_t) allows for more fine-grained
access control to this resource.
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 7fe89bc..5f28977 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -120,6 +120,7 @@ network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0,
network_port(dict, tcp,2628,s0)
network_port(distccd, tcp,3632,s0)
network_port(dns, tcp,53,s0, udp,53,s0)
+network_port(dropbox, tcp,17500,s0, udp,17500,s0)
network_port(efs, tcp,520,s0)
network_port(embrace_dp_c, tcp,3198,s0, udp,3198,s0)
network_port(epmap, tcp,135,s0, udp,135,s0)
--
1.8.5.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [refpolicy] [PATCH 1/1] Add dropbox_port_t support
2014-06-07 19:44 [refpolicy] [PATCH 1/1] Add dropbox_port_t support Sven Vermeulen
@ 2014-06-09 15:02 ` Christopher J. PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2014-06-09 15:02 UTC (permalink / raw)
To: refpolicy
On 06/07/2014 03:44 PM, Sven Vermeulen wrote:
> The dropbox application has a feature called "LAN Sync" which works on
> TCP & UDP port 17500. Marking this port as dropbox_port_t (instead of
> the currently default unreserved_port_t) allows for more fine-grained
> access control to this resource.
>
> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
> ---
> policy/modules/kernel/corenetwork.te.in | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
> index 7fe89bc..5f28977 100644
> --- a/policy/modules/kernel/corenetwork.te.in
> +++ b/policy/modules/kernel/corenetwork.te.in
> @@ -120,6 +120,7 @@ network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0,
> network_port(dict, tcp,2628,s0)
> network_port(distccd, tcp,3632,s0)
> network_port(dns, tcp,53,s0, udp,53,s0)
> +network_port(dropbox, tcp,17500,s0, udp,17500,s0)
> network_port(efs, tcp,520,s0)
> network_port(embrace_dp_c, tcp,3198,s0, udp,3198,s0)
> network_port(epmap, tcp,135,s0, udp,135,s0)
Merged.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-06-09 15:02 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-06-07 19:44 [refpolicy] [PATCH 1/1] Add dropbox_port_t support Sven Vermeulen
2014-06-09 15:02 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.