blob: 1d281df2a5d6c5f5ceb0f51b654be8dd05e51edf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense
(handleunknown allow)
(mls true)
;; disable for now
;(policycap "always_check_network")
(policycap "cgroup_seclabel")
(policycap "extended_socket_class")
(policycap "genfs_seclabel_symlinks")
(policycap "network_peer_controls")
(policycap "nnp_nosuid_transition")
(policycap "open_perms")
(policycap "ioctl_skip_cloexec")
(policycap "userspace_initial_context")
;; (policycap "netlink_xperm") ;; Requires Linux 6.13/SELinux 3.8
|
