RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy/support
History
Stephen Smalley 161bda392e access_vectors: Remove unused permissions 
Remove unused permission definitions from SELinux.
Many of these were only ever used in pre-mainline
versions of SELinux, prior to Linux 2.6.0.  Some of them
were used in the legacy network or compat_net=1 checks
that were disabled by default in Linux 2.6.18 and
fully removed in Linux 2.6.30.

The corresponding classmap declarations were removed from the
mainline kernel in:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42a9699a9fa179c0054ea3cf5ad3cc67104a6162

Permissions never used in mainline Linux:
file swapon
filesystem transition
tcp_socket { connectto newconn acceptfrom }
node enforce_dest
unix_stream_socket { newconn acceptfrom }

Legacy network checks, removed in 2.6.30:
socket { recv_msg send_msg }
node { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send }
netif { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send }

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 		2020-01-14 13:41:50 -05:00
..
file_patterns.spt Add missing mmap_*_files_pattern macros. 2017-12-13 19:01:45 -05:00
ipc_patterns.spt update policy/support macros 2016-12-01 19:38:14 +01:00
loadable_module.spt loadable_module.spt: Add debugging comments for tunable_policy blocks. 2017-11-28 20:22:59 -05:00
misc_macros.spt Add new mmap permission set and pattern support macros. 2017-12-13 18:58:34 -05:00
misc_patterns.spt misc_patterns.spt: Remove unnecessary brackets. 2018-07-19 19:49:21 -04:00
mls_mcs_macros.spt - Move range transitions to modules. 2006-10-04 17:25:34 +00:00
obj_perm_sets.spt access_vectors: Remove unused permissions 2020-01-14 13:41:50 -05:00