mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
dnsmasq: Permit access to /proc/self/fd/
As of [48755ebf], dnsmasq iterates through directory entries in /proc/self/fd/ to find which file descriptors are open to avoid the potentially costly operation of closing all possible file descriptors. [48755ebf]: https://www.openhub.net/p/dnsmasq/commits/1679009518
This commit is contained in:
FallenWarrior2k
parent
1a7d9d9da0
commit
93a3a30ffd
1 changed files with 2 additions and 0 deletions
|
|
@ -70,6 +70,8 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) {
|
|||
# access to iface mtu needed for Router Advertisement messages in IPv6
|
||||
# Neighbor Discovery protocol (RFC 2461)
|
||||
@{PROC}/sys/net/ipv6/conf/*/mtu r,
|
||||
# closing superfluous file descriptors scans /proc/self/fd/ to find open ones
|
||||
@{PROC}/@{pid}/fd/ r,
|
||||
|
||||
# for the read-only TFTP server
|
||||
@{TFTP_DIR}/ r,
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue