diff options
| author |   Kenton Groombridge <concord@gentoo.org> | 2024-05-06 16:21:13 -0400 |
|---|---|---|
| committer | Kenton Groombridge <concord@gentoo.org> | 2024-05-14 13:41:41 -0400 |
| commit | eb3fe60b4f0d6bf8c466179cababdfa67ab8aabc (patch) | |
| tree | 95c9e1918ef92efe5bf695d771aab74db2453d72 | |
| parent | postgres: add a standalone execmem tunable (diff) | |
| download | hardened-refpolicy-eb3fe60b4f0d6bf8c466179cababdfa67ab8aabc.tar.gz hardened-refpolicy-eb3fe60b4f0d6bf8c466179cababdfa67ab8aabc.tar.bz2 hardened-refpolicy-eb3fe60b4f0d6bf8c466179cababdfa67ab8aabc.zip | |
asterisk: allow binding to all unreserved UDP ports
This is for RTP streaming.
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
| -rw-r--r-- | policy/modules/services/asterisk.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/services/asterisk.te b/policy/modules/services/asterisk.te index 0c2f9a42..3cf98e59 100644 --- a/policy/modules/services/asterisk.te +++ b/policy/modules/services/asterisk.te @@ -110,6 +110,7 @@ corenet_udp_bind_sip_port(asterisk_t) corenet_sendrecv_generic_server_packets(asterisk_t) corenet_tcp_bind_generic_port(asterisk_t) corenet_udp_bind_generic_port(asterisk_t) +corenet_udp_bind_all_unreserved_ports(asterisk_t) corenet_dontaudit_udp_bind_all_ports(asterisk_t) corenet_sendrecv_jabber_client_client_packets(asterisk_t) |