2 # ------------------------------------------------------------------
4 # Copyright (C) 2002-2005 Novell/SUSE
6 # This program is free software; you can redistribute it and/or
7 # modify it under the terms of version 2 of the GNU General Public
8 # License published by the Free Software Foundation.
10 # ------------------------------------------------------------------
11 # evolution, amongst other things, calls this program. I didn't want to
12 # give evolution access to significant chunks of /proc
15 #include <tunables/global>
18 #include <abstractions/base>
19 #include <abstractions/consoles>
20 #include <abstractions/nameservice>
22 capability dac_override,
23 capability dac_read_search,
24 deny capability sys_ptrace,
29 @{PROC}/[0-9]*/cmdline r,
34 owner @{PROC}/*/net/raw r,
35 owner @{PROC}/*/net/raw6 r,
36 owner @{PROC}/*/net/tcp r,
37 owner @{PROC}/*/net/tcp6 r,
38 owner @{PROC}/*/net/udp r,
39 owner @{PROC}/*/net/udp6 r,
40 owner @{PROC}/*/net/unix r,