add abstractions/crypto, allowing reading @{etc_ro}/gcrypt/random.conf r, and move several rules around
@{etc_ro}/gcrypt/random.conf r, s possibly needed for all programs that use libgcrypt.
Reported by darix, he has seen it with vivaldi.
The new crypto abstraction is included in abstractions/base.
Also move some rules to the crypto abstraction:
-
@{PROC}/sys/crypto/* r,
(from base) - crypto-policies (from ssl_certs)
-
@{PROC}/sys/crypto/fips_enabled
(from openssl)
I propose these changes for 3.0 and master.
Optionally, 3.0 can get a different patch that only adds the crypto abstraction and includes it in base, without removing rules from the other abstractions - please tell me if you want that.