    selinux: Remove unused permission definitions · 42a9699a
    Stephen Smalley authored
    Remove unused permission definitions from SELinux.
    Many of these were only ever used in pre-mainline
    versions of SELinux, prior to Linux 2.6.0.  Some of them
    were used in the legacy network or compat_net=1 checks
    that were disabled by default in Linux 2.6.18 and
    fully removed in Linux 2.6.30.
    
    Permissions never used in mainline Linux:
    file swapon
    filesystem transition
    tcp_socket { connectto newconn acceptfrom }
    node enforce_dest
    unix_stream_socket { newconn acceptfrom }
    
    Legacy network checks, removed in 2.6.30:
    socket { recv_msg send_msg }
    node { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send }
    netif { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send }
    Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
    Signed-off-by: Paul Moore <pmoore@redhat.com>
classmap.h 5.5 KB