Untrusted_app gets route information

commit: 901cc36664399f5803c64bd5a26932807d6749aa [log] [tgz]
author: Haiqing Jiang <hqjiang1988@gmail.com> Mon Jul 30 13:51:16 2012 -0700
committer: Stephen Smalley <sds@tycho.nsa.gov> Mon Jul 30 16:54:24 2012 -0400
tree: ffa264da270fc1f1b585f4523f8e292fb24fb507
parent: c70dc4e3c745e3e63b2186b78adc96ccb71bd120 [diff]
diff --git a/app.te b/app.te
index 9324a6d..f844221 100644
--- a/app.te
+++ b/app.te

@@ -102,6 +102,8 @@
 allow untrusted_app port_type:udp_socket name_bind;
 allow untrusted_app port_type:tcp_socket name_bind;
 unix_socket_connect(untrusted_app, dnsproxyd, netd)
+# Get route information.
+allow untrusted_app self:netlink_route_socket { create bind read nlmsg_read };
 }
 # Bluetooth access.
 bool app_bluetooth false;
commit	901cc36664399f5803c64bd5a26932807d6749aa	[log] [tgz]
author	Haiqing Jiang <hqjiang1988@gmail.com>	Mon Jul 30 13:51:16 2012 -0700
committer	Stephen Smalley <sds@tycho.nsa.gov>	Mon Jul 30 16:54:24 2012 -0400
tree	ffa264da270fc1f1b585f4523f8e292fb24fb507
parent	c70dc4e3c745e3e63b2186b78adc96ccb71bd120 [diff]