trunk: X application data class from Eamon Walsh and Ted Toth.
This commit is contained in:
Chris PeBenito
parent
a68c30f58a
commit
d923d54c08
|
|
@ -1,3 +1,4 @@
|
|||
- X application data class from Eamon Walsh and Ted Toth.
|
||||
- Move user roles into individual modules.
|
||||
- Make hald_log_t a log file.
|
||||
- Cryptsetup runs shell scripts. Patch from Martin Orr.
|
||||
|
|
|
|||
|
|
@ -775,3 +775,10 @@ class peer
|
|||
{
|
||||
recv
|
||||
}
|
||||
|
||||
class x_application_data
|
||||
{
|
||||
paste
|
||||
paste_after_confirm
|
||||
copy
|
||||
}
|
||||
|
|
|
|||
|
|
@ -114,5 +114,6 @@ class capability2
|
|||
class x_resource # userspace
|
||||
class x_event # userspace
|
||||
class x_synthetic_event # userspace
|
||||
class x_application_data # userspace
|
||||
|
||||
# FLASK
|
||||
|
|
|
|||
12
policy/mls
12
policy/mls
|
|
@ -568,6 +568,18 @@ mlsconstrain x_event { send }
|
|||
( t1 == mlsxwinwrite ));
|
||||
|
||||
|
||||
#
|
||||
# MLS policy for the x_application_data class
|
||||
#
|
||||
|
||||
# the x_application_data "paste" ops (explicit single level)
|
||||
mlsconstrain x_application_data { paste }
|
||||
( l1 eq l2 );
|
||||
|
||||
# the x_application_data "paste_after_confirm" ops (downgrade permitted)
|
||||
mlsconstrain x_application_data { paste_after_confirm }
|
||||
( l1 domby l2 );
|
||||
|
||||
|
||||
#
|
||||
# MLS policy for the pax class
|
||||
|
|
|
|||
Loading…
Reference in New Issue