# Copyright (C) 2005 Tresys Technology, LLC
##
## Core policy for shells, and generic programs
## in /bin, /sbin, /usr/bin, and /usr/sbin.
##

########################################
#
# corecommands_make_shell_entrypoint(domain)
#
# Mark shell_exec_t as an entrypoint file for $1.  The actual entrypoint
# rule comes from domain_make_entrypoint_file (domain module); this macro
# only supplies the type dependency and forwards the call.
#
define(`corecommands_make_shell_entrypoint',`
	requires_block_template(`$0'_depend)
	domain_make_entrypoint_file($1,shell_exec_t)
')

define(`corecommands_make_shell_entrypoint_depend',`
	type shell_exec_t;
')

########################################
#
# corecommands_search_general_programs_directory(domain)
#
# Allow $1 to look up names in bin_t directories (search only, no
# listing).
#
define(`corecommands_search_general_programs_directory',`
	requires_block_template(`$0'_depend)
	allow $1 bin_t:dir search;
')

define(`corecommands_search_general_programs_directory_depend',`
	type bin_t;
	class dir search;
')

########################################
#
# corecommands_read_general_programs_directory(domain)
#
# Allow $1 to stat, search and list bin_t directories.
#
define(`corecommands_read_general_programs_directory',`
	requires_block_template(`$0'_depend)
	allow $1 bin_t:dir { getattr search read };
')

define(`corecommands_read_general_programs_directory_depend',`
	type bin_t;
	class dir { getattr search read };
')

########################################
#
# corecommands_execute_general_programs(domain)
#
# Allow $1 to run bin_t programs in its own domain.  execute_no_trans is
# granted here, so no domain transition happens on exec; the directory
# and symlink rules are what path lookup needs to reach the binary.
#
define(`corecommands_execute_general_programs',`
	requires_block_template(`$0'_depend)
	allow $1 bin_t:dir { getattr search read };
	allow $1 bin_t:lnk_file { getattr read };
	allow $1 bin_t:file { getattr read ioctl lock execute execute_no_trans };
')

define(`corecommands_execute_general_programs_depend',`
	type bin_t;
	class dir { getattr search read };
	class lnk_file { getattr read };
	class file { getattr read ioctl lock execute execute_no_trans };
')

########################################
#
# corecommands_search_system_programs_directory(domain)
#
# Allow $1 to look up names in sbin_t directories (search only).
#
define(`corecommands_search_system_programs_directory',`
	requires_block_template(`$0'_depend)
	allow $1 sbin_t:dir search;
')

define(`corecommands_search_system_programs_directory_depend',`
	type sbin_t;
	class dir search;
')
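########################################
#
# corecommands_read_system_programs_directory(domain)
#
# Allow $1 the r_dir_perms set on sbin_t directories.
#
define(`corecommands_read_system_programs_directory',`
	requires_block_template(`$0'_depend)
	allow $1 sbin_t:dir r_dir_perms;
')

define(`corecommands_read_system_programs_directory_depend',`
	type sbin_t;
	class dir r_dir_perms;
')

########################################
#
# corecommands_ignore_get_system_programs_attributes(domain)
#
# Allow $1 to stat sbin_t files.
# NOTE(review): despite the "ignore" in the name this is an allow rule,
# not a dontaudit; it grants the access rather than silencing the denial.
# Confirm with callers which was intended before changing it.
#
define(`corecommands_ignore_get_system_programs_attributes',`
	requires_block_template(`$0'_depend)
	allow $1 sbin_t:file getattr;
')

define(`corecommands_ignore_get_system_programs_attributes_depend',`
	type sbin_t;
	class file getattr;
')

########################################
#
# corecommands_execute_system_programs(domain)
#
# Allow $1 to run sbin_t programs in its own domain (execute_no_trans
# is granted, so no transition takes place on exec).
#
define(`corecommands_execute_system_programs',`
	requires_block_template(`$0'_depend)
	allow $1 sbin_t:dir { getattr search read };
	allow $1 sbin_t:lnk_file { getattr read };
	allow $1 sbin_t:file { getattr read ioctl lock execute execute_no_trans };
')

define(`corecommands_execute_system_programs_depend',`
	type sbin_t;
	class dir { getattr search read };
	class lnk_file { getattr read };
	class file { getattr read ioctl lock execute execute_no_trans };
')

########################################
#
# corecommands_execute_shell(domain)
#
# Allow $1 to run a shell_exec_t shell in its own domain.  The bin_t
# directory and symlink rules cover the path lookup to the shell.
#
define(`corecommands_execute_shell',`
	requires_block_template(`$0'_depend)
	allow $1 bin_t:dir r_dir_perms;
	allow $1 bin_t:lnk_file { getattr read };
	allow $1 shell_exec_t:file { getattr read lock ioctl execute execute_no_trans };
')

define(`corecommands_execute_shell_depend',`
	type bin_t, shell_exec_t;
	class dir r_dir_perms;
	class lnk_file { getattr read };
	class file { getattr read lock ioctl execute execute_no_trans };
')

########################################
#
# corecommands_execute_ls(domain)
#
# Allow $1 to run ls (ls_exec_t) in its own domain.
#
define(`corecommands_execute_ls',`
	requires_block_template(`$0'_depend)
	allow $1 bin_t:dir r_dir_perms;
	allow $1 bin_t:lnk_file { getattr read };
	allow $1 ls_exec_t:file { getattr read lock ioctl execute execute_no_trans };
')

# This dependency macro must be named after the interface above: the
# interface expands requires_block_template(`$0'_depend), i.e.
# corecommands_execute_ls_depend.  It was previously (mis)defined as
# corecommands_execute_shell_depend, which left the ls interface with no
# requires block and overrode the shell interface's dependency so that it
# required ls_exec_t instead of shell_exec_t.
define(`corecommands_execute_ls_depend',`
	type bin_t, ls_exec_t;
	class dir r_dir_perms;
	class lnk_file { getattr read };
	class file { getattr read lock ioctl execute execute_no_trans };
')

########################################
#
# corecommands_shell_explicit_transition(source_domain, target_domain)
#
# Execute a shell in the target domain. This
# is an explicit transition, requiring the
# caller to use setexeccon().
#
# $1: The type of the process performing this action.
# $2: The type of the shell process.
#
define(`corecommands_shell_explicit_transition',`
	requires_block_template(`$0'_depend)
	allow $1 bin_t:dir { getattr search read };
	allow $1 bin_t:lnk_file { getattr read };
	# execute only -- no execute_no_trans, so $1 cannot run the shell in
	# its own domain; the only permitted outcome of the exec is the
	# transition into $2.
	allow $1 shell_exec_t:file { getattr read execute };
	allow $1 $2:process transition;
	# Silently deny the exec-time inheritance checks (AT_SECURE, signal
	# state, rlimits) rather than granting them.
	dontaudit $1 $2:process { noatsecure siginh rlimitinh };
	# Parent/child plumbing across the transition: inherited descriptors,
	# pipes between the two, and the child's exit notification.
	allow $1 $2:fd use;
	allow $2 $1:fd use;
	allow $2 $1:fifo_file rw_file_perms;
	allow $2 $1:process sigchld;
')

define(`corecommands_shell_explicit_transition_depend',`
	type bin_t, shell_exec_t;
	class dir { getattr search read };
	class lnk_file { getattr read };
	class file { getattr read execute };
	class process { transition noatsecure siginh rlimitinh sigchld };
	class fd use;
	class fifo_file rw_file_perms;
')

########################################
#
# corecommands_shell_transition(source_domain, target_domain)
#
# Execute a shell in the target domain.
#
# $1: The type of the process performing this action.
# $2: The type of the shell process.
#
# Same rules as the explicit variant, plus a type_transition so the
# kernel performs the transition automatically on exec of shell_exec_t
# (no setexeccon() needed in the caller).
#
define(`corecommands_shell_transition',`
	requires_block_template(`$0'_depend)
	corecommands_shell_explicit_transition($1,$2)
	type_transition $1 shell_exec_t:process $2;
')

define(`corecommands_shell_transition_depend',`
	type shell_exec_t;
')

########################################
#
# corecommands_chroot(domain)
#
# Allow $1 to run the chroot binary in its own domain together with the
# sys_chroot capability the call itself needs.
#
define(`corecommands_chroot',`
	requires_block_template(`$0'_depend)
	allow $1 chroot_exec_t:file { getattr read execute execute_no_trans };
	# could go to a generic chroot priv:
	allow $1 self:capability sys_chroot;
')

define(`corecommands_chroot_depend',`
	type chroot_exec_t;
	class file { getattr read execute execute_no_trans };
	class capability sys_chroot;
')

##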