From 964681069c0a95d7be70ffb9d075527e95165071 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 7 Sep 2005 17:20:20 +0000
Subject: [PATCH] update flask

---
 strict/flask/access_vectors   | 9 +++++++++
 strict/flask/security_classes | 3 +++
 strict/macros/core_macros.te  | 2 +-
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/strict/flask/access_vectors b/strict/flask/access_vectors
index 22e135879..dc20463fc 100644
--- a/strict/flask/access_vectors
+++ b/strict/flask/access_vectors
@@ -161,6 +161,7 @@ inherits socket
 	newconn
 	acceptfrom
 	node_bind
+	name_connect
 }
 
 class udp_socket
@@ -249,6 +250,8 @@ class process
 	dyntransition
 	setcurrent
 	execmem
+	execstack
+	execheap
 }
 
 
@@ -552,6 +555,8 @@ inherits socket
 {
 	nlmsg_read
 	nlmsg_write
+	nlmsg_relay
+	nlmsg_readpriv
 }
 
 class netlink_ip6fw_socket
@@ -597,3 +602,7 @@ class association
        sendto
        recvfrom
 }
+
+# Updated Netlink class for KOBJECT_UEVENT family.
+class netlink_kobject_uevent_socket
+inherits socket
diff --git a/strict/flask/security_classes b/strict/flask/security_classes
index b370522cb..2669c30bf 100644
--- a/strict/flask/security_classes
+++ b/strict/flask/security_classes
@@ -80,4 +80,7 @@ class nscd
 # IPSec association
 class association
 
+# Updated Netlink class for KOBJECT_UEVENT family.
+class netlink_kobject_uevent_socket
+
 # FLASK
diff --git a/strict/macros/core_macros.te b/strict/macros/core_macros.te
index 6b4e5be9d..37f2975dc 100644
--- a/strict/macros/core_macros.te
+++ b/strict/macros/core_macros.te
@@ -39,7 +39,7 @@ define(`devfile_class_set', `{ chr_file blk_file }')
 #
 # All socket classes.
 #
-define(`socket_class_set', `{ tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket }')
+define(`socket_class_set', `{ tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket netlink_kobject_uevent_socket }')
 
 
 #