From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Sun, 30 Mar 2014 16:09:12 +0200 Subject: [refpolicy] [PATCH 3/3] dnsmasq reads MTU sysctl In-Reply-To: <1396188552-16007-1-git-send-email-sven.vermeulen@siphos.be> References: <1396188552-16007-1-git-send-email-sven.vermeulen@siphos.be> Message-ID: <1396188552-16007-4-git-send-email-sven.vermeulen@siphos.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com The dnsmasq application reads in the value of the /proc/sys/net/ipv6/conf/*/mtu values. This is confirmed through looking at the source code of dnsmasq, in src/radv.c. Signed-off-by: Sven Vermeulen --- dnsmasq.te | 1 + 1 file changed, 1 insertion(+) diff --git a/dnsmasq.te b/dnsmasq.te index ede2f1e..08ea853 100644 --- a/dnsmasq.te +++ b/dnsmasq.te @@ -52,6 +52,7 @@ manage_files_pattern(dnsmasq_t, dnsmasq_var_run_t, dnsmasq_var_run_t) files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, { dir file }) kernel_read_kernel_sysctls(dnsmasq_t) +kernel_read_net_sysctls(dnsmasq_t) kernel_read_network_state(dnsmasq_t) kernel_read_system_state(dnsmasq_t) kernel_request_load_module(dnsmasq_t) -- 1.8.3.2