selinux-policy/strict/domains/program/i18n_input.te

34 lines
1.2 KiB
Plaintext
Raw Normal View History

2005-04-29 17:45:15 +00:00
# i18n_input.te
# Security Policy for IIIMF htt server
# Date: 2004, 12th April (Monday)
# Establish i18n_input as a daemon
daemon_domain(i18n_input)
can_exec(i18n_input_t, i18n_input_exec_t)
can_network(i18n_input_t)
allow i18n_input_t port_type:tcp_socket name_connect;
2005-04-29 17:45:15 +00:00
can_ypbind(i18n_input_t)
can_tcp_connect(userdomain, i18n_input_t)
can_unix_connect(i18n_input_t, initrc_t)
2005-04-29 17:45:15 +00:00
allow i18n_input_t self:fifo_file rw_file_perms;
allow i18n_input_t i18n_input_port_t:tcp_socket name_bind;
allow i18n_input_t self:capability { kill setgid setuid };
allow i18n_input_t self:process { setsched setpgid };
allow i18n_input_t { bin_t sbin_t }:dir search;
can_exec(i18n_input_t, bin_t)
2005-04-29 17:45:15 +00:00
allow i18n_input_t etc_t:file r_file_perms;
allow i18n_input_t self:unix_dgram_socket create_socket_perms;
allow i18n_input_t self:unix_stream_socket create_stream_socket_perms;
allow i18n_input_t i18n_input_var_run_t:dir create_dir_perms;
allow i18n_input_t i18n_input_var_run_t:sock_file create_file_perms;
allow i18n_input_t usr_t:file { getattr read };
allow i18n_input_t home_root_t:dir search;
allow i18n_input_t etc_runtime_t:file { getattr read };
allow i18n_input_t proc_t:file { getattr read };