refpol: Add the "tun_socket" object class flask definitions

Add the new "tun_socket" class to the flask definitions. The "tun_socket" object class is used by the new TUN driver hooks which allow policy to control access to TUN/TAP devices. Signed-off-by: Paul Moore <paul.moore@hp.com>
2009-08-28 17:13:06 -04:00 · 2009-08-28 17:13:06 -04:00 · 333494fd59
commit 333494fd59
parent 4279891d1f
2 changed files with 4 additions and 0 deletions
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@ -251,6 +251,8 @@ inherits socket
 class unix_dgram_socket
 inherits socket

+class tun_socket
+inherits socket

 #
 # Define the access vector interpretation for process-related objects
--- a/policy/flask/security_classes
+++ b/policy/flask/security_classes
@ -119,4 +119,6 @@ class x_application_data	# userspace
 # kernel services that need to override task security, e.g. cachefiles
 class kernel_service 

+class tun_socket
+
 # FLASK