trunk: Labeled networking peer object class updates.

2008-01-03 16:20:01 +00:00 · 2008-01-03 16:20:01 +00:00 · f3da31d339
parent 1a61ce02e3
commit f3da31d339
3 changed files with 15 additions and 0 deletions
--- a/2
+++ b/2
@ -1,3 +1,5 @@
+- Labeled networking peer object class updates.
+
 * Fri Dec 14 2007 Chris PeBenito <selinux@tresys.com> - 20071214
 - Patch for debian logrotate to handle syslogd-listfiles, from Vaclav Ovsik.
 - Improve several tunables descriptions from Dan Walsh.
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@ -201,6 +201,8 @@ class node
 	enforce_dest
 	dccp_recv
 	dccp_send
+	recvfrom
+	sendto
 }

 class netif
@ -213,6 +215,8 @@ class netif
 	rawip_send
 	dccp_recv
 	dccp_send
+	ingress
+	egress
 }

 class netlink_socket
@ -726,3 +730,9 @@ inherits database
 	import
 	export
 }
+
+# network peer labels
+class peer
+{
+	recv
+}
--- a/policy/flask/security_classes
+++ b/policy/flask/security_classes
@ -106,4 +106,7 @@ class db_column			# userspace
 class db_tuple			# userspace
 class db_blob			# userspace

+# network peer labels
+class peer
+
 # FLASK