Do not allow reading all directories for the CTS. The test gracefully handles unreadable directories, so we do not need to allow this for all file types. Change-Id: Ib5f5be7cacc3f0270b72c046200cc3d21f3fc374 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

commit: a019e4f12fb70da5b60e170b7f6f1b6567b4c3a7 [log] [tgz]
author: Stephen Smalley <sds@tycho.nsa.gov> Thu Apr 04 11:52:54 2013 -0400
committer: repo sync <gcondra@google.com> Fri Apr 05 13:10:24 2013 -0700
tree: 19b67bfad19242d6d995413e38bd4d69544a5992
parent: 0e856a02cb73ab2a54f024a70194c6069a9fac57 [diff]
diff --git a/cts.te b/cts.te
index 8ae62da..8f21dda 100644
--- a/cts.te
+++ b/cts.te

@@ -16,7 +16,6 @@
 dontaudit appdomain appdomain:file r_file_perms;
 
 # Walk the file tree, stat any file.
-allow appdomain file_type:dir r_dir_perms;
 allow appdomain fs_type:dir r_dir_perms;
 allow appdomain dev_type:dir r_dir_perms;
 allow appdomain file_type:dir_file_class_set getattr;
commit	a019e4f12fb70da5b60e170b7f6f1b6567b4c3a7	[log] [tgz]
author	Stephen Smalley <sds@tycho.nsa.gov>	Thu Apr 04 11:52:54 2013 -0400
committer	repo sync <gcondra@google.com>	Fri Apr 05 13:10:24 2013 -0700
tree	19b67bfad19242d6d995413e38bd4d69544a5992
parent	0e856a02cb73ab2a54f024a70194c6069a9fac57 [diff]