diff options
author | Chris PeBenito <pebenito@ieee.org> | 2018-01-16 18:52:39 -0500 |
---|---|---|
committer | Sven Vermeulen <swift@gentoo.org> | 2018-01-18 17:31:50 +0100 |
commit | a8daf242da364dcdc2f3a678daca42160d579c67 (patch) | |
tree | 111c7dbe0b195a6851349ccafa1c0ae47deeec05 | |
parent | Update Changelog and VERSION for release. (diff) | |
download | hardened-refpolicy-a8daf242da364dcdc2f3a678daca42160d579c67.tar.gz hardened-refpolicy-a8daf242da364dcdc2f3a678daca42160d579c67.tar.bz2 hardened-refpolicy-a8daf242da364dcdc2f3a678daca42160d579c67.zip |
Enable cgroup_seclabel and nnp_nosuid_transition.
-rw-r--r-- | policy/policy_capabilities | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/policy/policy_capabilities b/policy/policy_capabilities index a6987a44d..206cdda9b 100644 --- a/policy/policy_capabilities +++ b/policy/policy_capabilities @@ -89,12 +89,12 @@ policycap extended_socket_class; # # Added checks: # (none) -#policycap cgroup_seclabel; +policycap cgroup_seclabel; # Enable NoNewPrivileges support. Requires libsepol 2.7+ -# and kernel 4.14 (estimated). +# and kernel 4.14. # # Checks enabled; # process2: nnp_transition, nosuid_transition # -#policycap nnp_nosuid_transition; +policycap nnp_nosuid_transition; |