* [PATCH 1/1] Interface to allow reading of virus signature files.
@ 2018-10-27 16:14 David Sugar
2018-10-27 19:10 ` Chris PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: David Sugar @ 2018-10-27 16:14 UTC (permalink / raw)
To: selinux-refpolicy
Signed-off-by: Dave Sugar <dsugar@tresys.com>
---
policy/modules/services/clamav.if | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/policy/modules/services/clamav.if b/policy/modules/services/clamav.if
index 7ad8e800..80ac5c1e 100644
--- a/policy/modules/services/clamav.if
+++ b/policy/modules/services/clamav.if
@@ -177,6 +177,34 @@ interface(`clamav_read_state_clamd',`
read_lnk_files_pattern($1, clamd_t, clamd_t)
')
+#######################################
+## <summary>
+## Read clam virus signature files
+## </summary>
+## <desc>
+## <p>
+## Useful for when using things like 'sigtool'
+## which provides useful information about
+## ClamAV signature files.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`clamav_read_signatures',`
+ gen_require(`
+ type clamd_var_lib_t;
+ ')
+
+ clamav_search_lib($1)
+ allow $1 clamd_var_lib_t:dir list_dir_perms;
+ read_files_pattern($1, clamd_var_lib_t, clamd_var_lib_t)
+ read_lnk_files_pattern($1, clamd_var_lib_t, clamd_var_lib_t)
+')
+
########################################
## <summary>
## All of the rules required to
--
2.14.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH 1/1] Interface to allow reading of virus signature files.
2018-10-27 16:14 [PATCH 1/1] Interface to allow reading of virus signature files David Sugar
@ 2018-10-27 19:10 ` Chris PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Chris PeBenito @ 2018-10-27 19:10 UTC (permalink / raw)
To: David Sugar, selinux-refpolicy
On 10/27/2018 12:14 PM, David Sugar wrote:
> Signed-off-by: Dave Sugar <dsugar@tresys.com>
> ---
> policy/modules/services/clamav.if | 28 ++++++++++++++++++++++++++++
> 1 file changed, 28 insertions(+)
>
> diff --git a/policy/modules/services/clamav.if b/policy/modules/services/clamav.if
> index 7ad8e800..80ac5c1e 100644
> --- a/policy/modules/services/clamav.if
> +++ b/policy/modules/services/clamav.if
> @@ -177,6 +177,34 @@ interface(`clamav_read_state_clamd',`
> read_lnk_files_pattern($1, clamd_t, clamd_t)
> ')
>
> +#######################################
> +## <summary>
> +## Read clam virus signature files
> +## </summary>
> +## <desc>
> +## <p>
> +## Useful for when using things like 'sigtool'
> +## which provides useful information about
> +## ClamAV signature files.
> +## </p>
> +## </desc>
> +## <param name="domain">
> +## <summary>
> +## Domain allowed access.
> +## </summary>
> +## </param>
> +#
> +interface(`clamav_read_signatures',`
> + gen_require(`
> + type clamd_var_lib_t;
> + ')
> +
> + clamav_search_lib($1)
> + allow $1 clamd_var_lib_t:dir list_dir_perms;
> + read_files_pattern($1, clamd_var_lib_t, clamd_var_lib_t)
> + read_lnk_files_pattern($1, clamd_var_lib_t, clamd_var_lib_t)
> +')
> +
> ########################################
> ## <summary>
> ## All of the rules required to
Merged.
--
Chris PeBenito
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-10-27 19:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-27 16:14 [PATCH 1/1] Interface to allow reading of virus signature files David Sugar
2018-10-27 19:10 ` Chris PeBenito
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).