# Module "domain": declares the attributes that classify process types as
# domains, plus the global neverallow assertions that every domain must
# satisfy regardless of which module grants it permissions.
policy_module(domain,1.0)

########################################
#
# Declarations
#

# Mark process types as domains. A type must carry this attribute to be a
# valid process transition target (enforced by the first neverallow below).
attribute domain;

# entrypoint executables
attribute entry_type;

# widely-inheritable file descriptors
attribute privfd;

# Domains that can set their current context
# (perform dynamic transitions via process:setcurrent)
attribute set_curr_context;

# constraint related attributes (no rule in this module uses them;
# presumably referenced by constraints defined elsewhere in the policy)
attribute can_change_process_identity;
attribute can_change_process_role;
attribute can_change_object_identity;

########################################
#
# Assertions
#
# neverallow statements are checked at policy compile time: the build fails
# if any allow rule anywhere in the policy grants a permission listed here.
#

# Transitions only allowed from domains to other domains: no domain may
# transition or dyntransition into a type that lacks the domain attribute.
neverallow domain ~domain:process { transition dyntransition };

# enabling setcurrent breaks process tranquility. If you do not
# know what this means or do not understand the implications of a
# dynamic transition, you should not be using it!!!
# Only domains that explicitly opt in through set_curr_context may be
# granted setcurrent on themselves.
neverallow { domain -set_curr_context } self:process setcurrent;

# Files with domain types are currently only proc files, so no subject may be
# granted more than r_dir_perms on a domain-typed directory or more than
# rw_file_perms on a domain-typed file of any class in file_class_set.
neverallow * domain:dir ~r_dir_perms;
neverallow * domain:file_class_set ~rw_file_perms;