diff --git a/refpolicy/policy/modules/apps/screen.if b/refpolicy/policy/modules/apps/screen.if index 6489173..16004ad 100644 --- a/refpolicy/policy/modules/apps/screen.if +++ b/refpolicy/policy/modules/apps/screen.if @@ -70,6 +70,8 @@ template(`screen_per_userdomain_template',` allow $1_screen_t $1_screen_tmp_t:fifo_file create_file_perms; files_create_tmp_files($1_screen_t, $1_screen_tmp_t, { file dir }) +allow $1_screen_t $1_devpts_t:chr_file setattr; + # Create fifo allow $1_screen_t screen_dir_t:dir rw_dir_perms; allow $1_screen_t screen_dir_t:dir create_dir_perms; @@ -83,7 +85,8 @@ template(`screen_per_userdomain_template',` domain_auto_trans($2, screen_exec_t, $1_screen_t) allow $2 $1_screen_t:process signal; - allow $1_screen_t $2:process signal; + allow $1_screen_t $2:process { signal sigchld }; + allow $1_screen_t $2:fd use; allow $1_screen_t $2:fifo_file rw_file_perms; allow $1_screen_t $1_home_dir_t:dir { search getattr };