From 512e8cf9ff0c4ee349a9c1a402b1c31d91165df7 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Apr 28 2006 20:44:15 +0000 Subject: remove broad ldap access --- diff --git a/refpolicy/policy/modules/kernel/domain.if b/refpolicy/policy/modules/kernel/domain.if index 8c3b719..95822fb 100644 --- a/refpolicy/policy/modules/kernel/domain.if +++ b/refpolicy/policy/modules/kernel/domain.if @@ -58,11 +58,6 @@ interface(`domain_type',` # these seem questionable: - # allow any domain to connect to the LDAP server - optional_policy(` - ldap_use($1) - ') - optional_policy(` rpm_use_fds($1) rpm_read_pipes($1)