Adding a couple of rules to tackle AVCs

2022-09-09 19:07:50 +02:00
parent 61a4e5aa67
commit 8c46bbbf5c
2 changed files with 13 additions and 3 deletions
--- a/frr.te
+++ b/frr.te
@@ -82,6 +82,7 @@ corenet_udp_bind_bfd_multi_port(frr_t)
 corenet_tcp_bind_bgp_port(frr_t)
 corenet_tcp_bind_cmadmin_port(frr_t)
 corenet_udp_bind_cmadmin_port(frr_t)
+corenet_tcp_bind_generic_port(frr_t)
 corenet_tcp_bind_firepower_port(frr_t)
 corenet_tcp_bind_priority_e_com_port(frr_t)
 corenet_udp_bind_router_port(frr_t)
@@ -112,3 +113,7 @@ optional_policy(`
 optional_policy(`
 	networkmanager_read_state(frr_t)
 ')
+
+optional_policy(`
+        userdom_admin_home_dir_filetrans(frr_t, frr_conf_t, file, ".history_frr")
+')