diff --git a/refpolicy/policy/modules/kernel/kernel.if b/refpolicy/policy/modules/kernel/kernel.if index 21b89ab..6d557ad 100644 --- a/refpolicy/policy/modules/kernel/kernel.if +++ b/refpolicy/policy/modules/kernel/kernel.if @@ -751,13 +751,12 @@ interface(`kernel_search_network_state',` interface(`kernel_read_network_state',` gen_require(` type proc_t, proc_net_t; - class dir r_dir_perms; - class file r_file_perms; ') allow $1 proc_t:dir search; allow $1 proc_net_t:dir r_dir_perms; allow $1 proc_net_t:file r_file_perms; + allow $1 proc_net_t:lnk_file { getattr read }; ') ########################################