Merge "[NC#3] clatd: remove raw and packet socket creation privs"

commit: 0f1b55ee24279ad19a714b2e93b8728d8ce66632 [log] [tgz]
author: Maciej Żenczykowski <maze@google.com> Thu Dec 30 19:50:00 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Dec 30 19:50:00 2021 +0000
tree: 8da140028e132035d261130715e86d975d107658
parent: 893eef25ab533d7fad57cbf10cb6c59b7bb3655e [diff]
parent: e544438399872db13853c8c0645fa41ff34fa46d [diff]
diff --git a/private/clatd.te b/private/clatd.te
index 104121e..da6820c 100644
--- a/private/clatd.te
+++ b/private/clatd.te

@@ -18,5 +18,4 @@
 allow clatd self:global_capability_class_set { net_admin net_raw setuid setgid };
 
 allow clatd self:netlink_route_socket nlmsg_write;
-allow clatd self:{ packet_socket rawip_socket } create_socket_perms_no_ioctl;
 allow clatd tun_device:chr_file rw_file_perms;
commit	0f1b55ee24279ad19a714b2e93b8728d8ce66632	[log] [tgz]
author	Maciej Żenczykowski <maze@google.com>	Thu Dec 30 19:50:00 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Thu Dec 30 19:50:00 2021 +0000
tree	8da140028e132035d261130715e86d975d107658
parent	893eef25ab533d7fad57cbf10cb6c59b7bb3655e [diff]
parent	e544438399872db13853c8c0645fa41ff34fa46d [diff]