35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From 5ba29432782295ceaeb0085d0fe9123d7736b0f1 Mon Sep 17 00:00:00 2001
|
|
From: Nikola Knazekova <nknazeko@redhat.com>
|
|
Date: Mon, 22 Aug 2022 15:43:13 +0200
|
|
Subject: [PATCH] Update tor_bind_all_unreserved_ports interface
|
|
|
|
When enabled boolean tor_bind_all_unreserved_ports,
|
|
allow tor bind UDP sockets to all ports > 1024.
|
|
|
|
Fix: bz#2089486
|
|
---
|
|
policy/modules/contrib/tor.te | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/policy/modules/contrib/tor.te b/policy/modules/contrib/tor.te
|
|
index 4b0554c374..0dc670b885 100644
|
|
--- a/policy/modules/contrib/tor.te
|
|
+++ b/policy/modules/contrib/tor.te
|
|
@@ -8,7 +8,7 @@ policy_module(tor, 1.9.0)
|
|
## <desc>
|
|
## <p>
|
|
## Determine whether tor can bind
|
|
-## tcp sockets to all unreserved ports.
|
|
+## tcp and udp sockets to all unreserved ports.
|
|
## </p>
|
|
## </desc>
|
|
gen_tunable(tor_bind_all_unreserved_ports, false)
|
|
@@ -131,6 +131,7 @@ logging_send_syslog_msg(tor_t)
|
|
tunable_policy(`tor_bind_all_unreserved_ports',`
|
|
corenet_sendrecv_all_server_packets(tor_t)
|
|
corenet_tcp_bind_all_unreserved_ports(tor_t)
|
|
+ corenet_udp_bind_all_unreserved_ports(tor_t)
|
|
')
|
|
|
|
tunable_policy(`tor_can_network_relay',`
|