diff --git a/refpolicy/Changelog b/refpolicy/Changelog index b9e316e..c3fe2dc 100644 --- a/refpolicy/Changelog +++ b/refpolicy/Changelog @@ -1,3 +1,4 @@ +- Remove allow_execmem from targeted policy domain_base_type(). - Add users_extra and seusers support. - Postfix fixes from Serge Hallyn. - Run python and shell directly to interpret scripts so policy diff --git a/refpolicy/policy/modules/kernel/domain.if b/refpolicy/policy/modules/kernel/domain.if index add7aa3..510a0dd 100644 --- a/refpolicy/policy/modules/kernel/domain.if +++ b/refpolicy/policy/modules/kernel/domain.if @@ -40,10 +40,6 @@ interface(`domain_base_type',` allow $1 self:process { fork sigchld }; ifdef(`targeted_policy',` - tunable_policy(`allow_execmem',` - allow $1 self:process execmem; - ') - # FIXME: # hack until role dominance is fixed in # the module compiler