2005-04-20 19:07:16 +00:00
|
|
|
|
2005-04-26 17:00:25 +00:00
|
|
|
policy_module(domain,1.0)
|
|
|
|
|
|
2005-06-30 18:54:08 +00:00
|
|
|
########################################
|
|
|
|
|
#
|
|
|
|
|
# Declarations
|
|
|
|
|
#
|
|
|
|
|
|
2005-04-14 20:18:17 +00:00
|
|
|
# Mark process types as domains
|
|
|
|
|
attribute domain;
|
|
|
|
|
|
2005-04-26 17:00:25 +00:00
|
|
|
# entrypoint executables
|
|
|
|
|
attribute entry_type;
|
|
|
|
|
|
2005-04-22 19:31:32 +00:00
|
|
|
# widely-inheritable file descriptors
|
|
|
|
|
attribute privfd;
|
|
|
|
|
|
2005-06-23 15:37:39 +00:00
|
|
|
# Domains that can set their current context
|
|
|
|
|
# (perform dynamic transitions)
|
|
|
|
|
attribute set_curr_context;
|
|
|
|
|
|
2005-06-14 19:56:46 +00:00
|
|
|
# constraint related attributes
|
|
|
|
|
attribute can_change_process_identity;
|
|
|
|
|
attribute can_change_process_role;
|
|
|
|
|
attribute can_change_object_identity;
|
|
|
|
|
|
2005-06-23 14:19:56 +00:00
|
|
|
# Transitions only allowed from domains to other domains
|
2005-04-14 20:18:17 +00:00
|
|
|
neverallow domain ~domain:process { transition dyntransition };
|
2005-06-09 21:07:58 +00:00
|
|
|
|
|
|
|
|
# enabling setcurrent breaks process tranquility. If you do not
|
|
|
|
|
# know what this means or do not understand the implications of a
|
|
|
|
|
# dynamic transition, you should not be using it!!!
|
2005-06-23 15:37:39 +00:00
|
|
|
neverallow { domain -set_curr_context } self:process setcurrent;
|
2005-06-23 14:19:56 +00:00
|
|
|
|
2005-07-18 20:17:21 +00:00
|
|
|
# TODO:
|
|
|
|
|
# cjp: also need to except correctly for SEFramework
|
|
|
|
|
#neverallow { domain unlabeled_t } file_type:process *;
|
|
|
|
|
#neverallow ~{ domain unlabeled_t } *:process *;
|
