Merge "[NC#3] clatd: remove raw and packet socket creation privs"

2021-12-30 19:50:00 +00:00 · 2021-12-30 19:50:00 +00:00 · 0f1b55ee24
commit 0f1b55ee24
parent 893eef25ab e544438399
1 changed files with 0 additions and 1 deletions
--- a/private/clatd.te
+++ b/private/clatd.te
@ -18,5 +18,4 @@ allow clatd netd:rawip_socket { read write };
 allow clatd self:global_capability_class_set { net_admin net_raw setuid setgid };

 allow clatd self:netlink_route_socket nlmsg_write;
-allow clatd self:{ packet_socket rawip_socket } create_socket_perms_no_ioctl;
 allow clatd tun_device:chr_file rw_file_perms;