- Add James Antill patch for login verification of MLS Levels
- MLS ragnes need to be checked, Eg. login/cron. This patch adds infrastructure.
This commit is contained in:
parent
c27fc16cad
commit
9d61c9c320
@ -1,19 +1,40 @@
|
||||
diff -ur libselinux-1.30.28.orig/include/selinux/av_permissions.h libselinux-1.30.28/include/selinux/av_permissions.h
|
||||
--- libselinux-1.30.28.orig/include/selinux/av_permissions.h 2006-09-25 09:44:13.000000000 -0400
|
||||
+++ libselinux-1.30.28/include/selinux/av_permissions.h 2006-09-25 09:44:47.000000000 -0400
|
||||
@@ -468,6 +468,7 @@
|
||||
#define PROCESS__EXECSTACK 0x04000000UL
|
||||
#define PROCESS__EXECHEAP 0x08000000UL
|
||||
#define PROCESS__SETKEYCREATE 0x10000000UL
|
||||
+#define PROCESS__SETSOCKCREATE 0x20000000UL
|
||||
diff -rup libselinux-1.30.29-orig/include/selinux/av_permissions.h libselinux-1.30.29/include/selinux/av_permissions.h
|
||||
--- libselinux-1.30.29-orig/include/selinux/av_permissions.h 2006-09-29 11:50:24.000000000 -0400
|
||||
+++ libselinux-1.30.29/include/selinux/av_permissions.h 2006-10-31 11:58:39.000000000 -0500
|
||||
@@ -970,3 +970,6 @@
|
||||
#define KEY__LINK 0x00000010UL
|
||||
#define KEY__SETATTR 0x00000020UL
|
||||
#define KEY__CREATE 0x00000040UL
|
||||
+
|
||||
+#define CONTEXT__TRANSLATE 0x00000001UL
|
||||
+#define CONTEXT__CONTAINS 0x00000002UL
|
||||
Only in libselinux-1.30.29/include/selinux: av_permissions.h~
|
||||
diff -rup libselinux-1.30.29-orig/include/selinux/flask.h libselinux-1.30.29/include/selinux/flask.h
|
||||
--- libselinux-1.30.29-orig/include/selinux/flask.h 2006-09-29 11:50:24.000000000 -0400
|
||||
+++ libselinux-1.30.29/include/selinux/flask.h 2006-10-31 11:57:52.000000000 -0500
|
||||
@@ -63,6 +63,7 @@
|
||||
#define SECCLASS_APPLETALK_SOCKET 56
|
||||
#define SECCLASS_PACKET 57
|
||||
#define SECCLASS_KEY 58
|
||||
+#define SECCLASS_CONTEXT 59
|
||||
|
||||
#define IPC__CREATE 0x00000001UL
|
||||
#define IPC__DESTROY 0x00000002UL
|
||||
@@ -910,6 +911,7 @@
|
||||
#define ASSOCIATION__SENDTO 0x00000001UL
|
||||
#define ASSOCIATION__RECVFROM 0x00000002UL
|
||||
#define ASSOCIATION__SETCONTEXT 0x00000004UL
|
||||
+#define ASSOCIATION__POLMATCH 0x00000008UL
|
||||
|
||||
#define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL 0x00000001UL
|
||||
#define NETLINK_KOBJECT_UEVENT_SOCKET__READ 0x00000002UL
|
||||
/*
|
||||
* Security identifier indices for initial entities
|
||||
diff -rup libselinux-1.30.29-orig/src/av_perm_to_string.h libselinux-1.30.29/src/av_perm_to_string.h
|
||||
--- libselinux-1.30.29-orig/src/av_perm_to_string.h 2006-09-29 11:50:23.000000000 -0400
|
||||
+++ libselinux-1.30.29/src/av_perm_to_string.h 2006-10-31 11:58:21.000000000 -0500
|
||||
@@ -263,3 +263,5 @@ S_(SECCLASS_FILESYSTEM, FILESYSTEM__MOUN
|
||||
S_(SECCLASS_KEY, KEY__LINK, "link")
|
||||
S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
|
||||
S_(SECCLASS_KEY, KEY__CREATE, "create")
|
||||
+ S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
|
||||
+ S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
|
||||
Only in libselinux-1.30.29/src: av_perm_to_string.h~
|
||||
diff -rup libselinux-1.30.29-orig/src/class_to_string.h libselinux-1.30.29/src/class_to_string.h
|
||||
--- libselinux-1.30.29-orig/src/class_to_string.h 2006-09-29 11:50:23.000000000 -0400
|
||||
+++ libselinux-1.30.29/src/class_to_string.h 2006-10-31 11:57:52.000000000 -0500
|
||||
@@ -61,3 +61,4 @@ S_("null")
|
||||
S_("appletalk_socket")
|
||||
S_("packet")
|
||||
S_("key")
|
||||
+ S_("context")
|
||||
|
Loading…
Reference in New Issue
Block a user