|
Last change
on this file since 307 was
91,
checked in by presbrey, 19 years ago
|
|
Zephyr strict SELinux module
|
|
File size:
601 bytes
|
| Rev | Line | |
|---|
| [91] | 1 | # Joe Presbrey |
|---|
| 2 | # presbrey@mit.edu |
|---|
| 3 | # 2006/1/15 |
|---|
| 4 | |
|---|
| [84] | 5 | interface(`zephyr_domtrans',` |
|---|
| 6 | gen_requires(` |
|---|
| 7 | type zephyr_t, zephyr_exec_t; |
|---|
| 8 | ') |
|---|
| 9 | |
|---|
| 10 | domain_auto_trans($1,zephyr_exec_t,zephyr_t) |
|---|
| 11 | |
|---|
| 12 | allow $1 zephyr_t:fd use; |
|---|
| 13 | allow zephyr_t $1:fd use; |
|---|
| 14 | allow zephyr_t:$1:fifo_file rw_file_perms; |
|---|
| 15 | allow zephyr_t $1:process sigchld; |
|---|
| 16 | ') |
|---|
| 17 | |
|---|
| 18 | template(`zephyr_access',` |
|---|
| 19 | require { |
|---|
| 20 | type zephyr_t, zephyr_bin_t; |
|---|
| 21 | } |
|---|
| 22 | |
|---|
| 23 | allow $1 zephyr_t:udp_socket { read write }; |
|---|
| 24 | can_exec($1, zephyr_t) |
|---|
| 25 | can_exec($1, zephyr_bin_t) |
|---|
| 26 | ') |
|---|
Note: See
TracBrowser
for help on using the repository browser.
