mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge Revert "Merge dnsmasq: Permit access to /proc/self/fd/"

Browse source 
This reverts merge request !628. My reason for this proposal is that commit 88c142c6 already provided this change, something I must have missed when I opened the initial merge request. This resulted in duplicate entries in the profile, something that is also potentially confusing to users or other contributors.

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/659
Acked-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen 2020-10-19 22:22:23 +00:00
commit 38c611ed31
1 changed files with 0 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
profiles/apparmor.d/usr.sbin.dnsmasq
View file

@ -70,8 +70,6 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) {
# access to iface mtu needed for Router Advertisement messages in IPv6 # access to iface mtu needed for Router Advertisement messages in IPv6
# Neighbor Discovery protocol (RFC 2461) # Neighbor Discovery protocol (RFC 2461)
@{PROC}/sys/net/ipv6/conf/*/mtu r, @{PROC}/sys/net/ipv6/conf/*/mtu r,
# closing superfluous file descriptors scans /proc/self/fd/ to find open ones
@{PROC}/@{pid}/fd/ r,
# for the read-only TFTP server # for the read-only TFTP server
@{TFTP_DIR}/ r, @{TFTP_DIR}/ r,