2006-03-14 21:54:26 +00:00
|
|
|
|
2008-07-23 21:38:39 +00:00
|
|
|
policy_module(ethereal, 1.5.0)
|
2006-03-14 21:54:26 +00:00
|
|
|
|
|
|
|
########################################
|
|
|
|
#
|
|
|
|
# Declarations
|
|
|
|
#
|
|
|
|
|
|
|
|
type ethereal_exec_t;
|
2007-07-19 18:57:48 +00:00
|
|
|
application_executable_file(ethereal_exec_t)
|
2006-03-14 21:54:26 +00:00
|
|
|
|
|
|
|
type tethereal_t;
|
|
|
|
type tethereal_exec_t;
|
2008-07-23 21:38:39 +00:00
|
|
|
application_domain(tethereal_t, tethereal_exec_t)
|
2006-03-14 21:54:26 +00:00
|
|
|
|
|
|
|
type tethereal_tmp_t;
|
|
|
|
files_tmp_file(tethereal_tmp_t)
|
|
|
|
|
|
|
|
########################################
|
|
|
|
#
|
|
|
|
# Tethereal policy
|
|
|
|
#
|
|
|
|
|
|
|
|
allow tethereal_t tethereal_t : capability { dac_override dac_read_search setgid setuid net_raw };
|
|
|
|
allow tethereal_t self:unix_stream_socket create_stream_socket_perms;
|
|
|
|
allow tethereal_t self:netlink_route_socket create_netlink_socket_perms;
|
|
|
|
allow tethereal_t self:packet_socket create_socket_perms;
|
|
|
|
allow tethereal_t self:tcp_socket create_socket_perms;
|
|
|
|
allow tethereal_t self:udp_socket create_socket_perms;
|
|
|
|
|
|
|
|
# Store temporary files
|
2008-07-23 21:38:39 +00:00
|
|
|
manage_dirs_pattern(tethereal_t, tethereal_tmp_t, tethereal_tmp_t)
|
|
|
|
manage_files_pattern(tethereal_t, tethereal_tmp_t, tethereal_tmp_t)
|
2006-03-14 21:54:26 +00:00
|
|
|
files_tmp_filetrans(tethereal_t, tethereal_tmp_t, { dir file })
|
|
|
|
|
|
|
|
# /proc
|
|
|
|
kernel_read_all_sysctls(tethereal_t)
|
|
|
|
kernel_read_system_state(tethereal_t)
|
|
|
|
|
|
|
|
# Read ethereal files in /usr
|
|
|
|
files_read_usr_files(tethereal_t)
|
|
|
|
# /etc/nsswitch.conf
|
|
|
|
files_read_etc_files(tethereal_t)
|
|
|
|
|
|
|
|
libs_use_ld_so(tethereal_t)
|
|
|
|
libs_use_shared_libs(tethereal_t)
|
|
|
|
|
|
|
|
miscfiles_read_localization(tethereal_t)
|
|
|
|
|
|
|
|
seutil_use_newrole_fds(tethereal_t)
|
|
|
|
|
|
|
|
sysnet_dns_name_resolve(tethereal_t)
|
|
|
|
|
2006-03-24 16:13:54 +00:00
|
|
|
optional_policy(`
|
2006-03-14 21:54:26 +00:00
|
|
|
nscd_socket_use(tethereal_t)
|
|
|
|
')
|