# DESC - Ethereal  
#
# Author: Ivan Gyurdiev <ivg2@cornell.edu>
#

# Type for executables
type tethereal_exec_t, file_type, exec_type, sysadmfile;
type ethereal_exec_t, file_type, exec_type, sysadmfile;

########################################################
# Tethereal 
#

# Type for program
type tethereal_t, domain, nscd_client_domain;

# Transition from sysadm type
domain_auto_trans(sysadm_t, tethereal_exec_t, tethereal_t)
role sysadm_r types tethereal_t;

uses_shlib(tethereal_t)
read_locale(tethereal_t)

# Terminal output
access_terminal(tethereal_t, sysadm)

# /proc
read_sysctl(tethereal_t)
allow tethereal_t { self proc_t }:dir { read search getattr };
allow tethereal_t { self proc_t }:{ file lnk_file } { read getattr };

# Access root
allow tethereal_t root_t:dir search;

# Read ethereal files in /usr
allow tethereal_t usr_t:file { read getattr };

# /etc/nsswitch.conf
allow tethereal_t etc_t:file { read getattr };

# Ethereal sysadm rules
ethereal_networking(tethereal)

# FIXME: policy is incomplete

#####################################
# Ethereal (GNOME) policy can be found
# in ethereal_macros.te