• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Enable new networking controls.
2policycap network_peer_controls;
3
4# Enable open permission check.
5policycap open_perms;
6
7# Enable separate security classes for
8# all network address families previously
9# mapped to the socket class and for
10# ICMP and SCTP sockets previously mapped
11# to the rawip_socket class.
12policycap extended_socket_class;
13
14# Enable NoNewPrivileges support.  Requires libsepol 2.7+
15# and kernel 4.14 (estimated).
16#
17# Checks enabled;
18# process2: nnp_transition, nosuid_transition
19#
20policycap nnp_nosuid_transition;
21