# FLASK

#
# Define the security object classes
#
# Each "class NAME" line in this file declares one object class; the file
# holds declarations only.
# NOTE(review): the permissions of each class are presumably defined in a
# companion access-vector file - confirm where before reviewing a rule.
# NOTE(review): class values are presumably assigned in declaration order,
# so a new class should be appended rather than inserted, to avoid
# renumbering the classes that follow it - confirm against the policy
# compiler and kernel in use.

# Classes marked as userspace are classes
# for userspace object managers
# NOTE(review): presumably the kernel does not check these classes itself,
# so a rule on one of them only has effect where the owning object manager
# asks for the access decision - confirm per service.

# First group; the original gives it no section comment. None of these
# four classes carries the userspace marker.
class security
class process
class system
class capability
# file-related classes
# Each kind of filesystem object has its own class, so a rule written for
# one class (for example "file") does not apply to the others.
# NOTE(review): the names suggest lnk_file = symbolic link, chr_file and
# blk_file = character and block device nodes, sock_file = socket file,
# fifo_file = named pipe, fd = open file descriptor - confirm. When
# auditing access to device nodes, check chr_file and blk_file rules
# separately from file rules.
class filesystem
class file
class dir
class fd
class lnk_file
class chr_file
class blk_file
class sock_file
class fifo_file
# network-related classes
# Socket classes are declared per socket type, next to two classes that
# are not sockets (node, netif).
# NOTE(review): "socket" presumably covers socket families that have no
# dedicated class here, so a broad rule on "socket" may reach more
# protocols than intended - confirm.
# NOTE(review): node and netif presumably label remote hosts/addresses and
# network interfaces - confirm.
class socket
class tcp_socket
class udp_socket
class rawip_socket
class node
class netif
class netlink_socket
class packet_socket
class key_socket
class unix_stream_socket
class unix_dgram_socket
# sysv-ipc-related classes
# NOTE(review): the names suggest sem = semaphore set, msg = single
# message, msgq = message queue, shm = shared memory segment, with ipc as
# a generic class - confirm.
class sem
class msg
class msgq
class shm
class ipc
#
# userspace object manager classes
#
# Every class in this group carries the "# userspace" marker. The marker
# is kept on the same line as the declaration, exactly as written.
# NOTE(review): build tooling may parse that marker - confirm before
# rewording or moving it.

# passwd/chfn/chsh
class passwd # userspace

# SE-X Windows stuff (more classes below)
# The remaining X classes are declared later in this file, under
# "More SE-X Windows stuff".
class x_drawable # userspace
class x_screen # userspace
class x_gc # userspace
class x_font # userspace
class x_colormap # userspace
class x_property # userspace
class x_selection # userspace
class x_cursor # userspace
class x_client # userspace
class x_device # userspace
class x_server # userspace
class x_extension # userspace
# extended netlink sockets
# These are declared in addition to netlink_socket in the network-related
# group above.
# NOTE(review): presumably one class per netlink protocol, so that access
# to routing, firewall, audit, SELinux and other kernel interfaces can be
# granted separately instead of through netlink_socket - confirm.
class netlink_route_socket
class netlink_firewall_socket
class netlink_tcpdiag_socket
class netlink_nflog_socket
class netlink_xfrm_socket
class netlink_selinux_socket
class netlink_audit_socket
class netlink_ip6fw_socket
class netlink_dnrt_socket
# Two more userspace object manager classes; the original gives them no
# section comment.
class dbus # userspace
class nscd # userspace

# IPSec association
class association

# Updated Netlink class for KOBJECT_UEVENT family.
class netlink_kobject_uevent_socket
# The classes from here to memprotect have no common section comment in
# the original.
class appletalk_socket

# "packet" is a separate class from "packet_socket" in the
# network-related group; a rule on one does not cover the other.
# NOTE(review): presumably this class is for labeled network packets
# rather than for a socket type - confirm.
class packet

# Kernel access key retention
class key

class context # userspace

class dccp_socket

# NOTE(review): the name suggests memory-protection checks; this file
# does not show what the class guards - confirm in the permission
# definitions.
class memprotect
# Database object classes, all marked userspace; the original gives the
# group no section comment.
# NOTE(review): enforcement presumably depends on the database server
# acting as the object manager, so these rules protect nothing on a
# server without that support - confirm.
class db_database # userspace
class db_table # userspace
class db_procedure # userspace
class db_column # userspace
class db_tuple # userspace
class db_blob # userspace
# network peer labels
class peer

# Capabilities >= 32
# Complements the "capability" class declared near the top of this file.
# When auditing which capabilities a domain holds, check rules on both
# classes.
# NOTE(review): the split at 32 presumably follows the number of
# permissions one class can carry - confirm.
class capability2
# More SE-X Windows stuff
# Continues the X classes declared earlier under "SE-X Windows stuff";
# all four are marked userspace.
class x_resource # userspace
class x_event # userspace
class x_synthetic_event # userspace
class x_application_data # userspace
# kernel services that need to override task security, e.g. cachefiles
# Per the comment above, this class concerns overriding a task's security
# context, so rules granting it deserve the same scrutiny as other
# privilege-granting rules.
class kernel_service

class tun_socket
# FLASK