RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy/modules/apps
History
Dominick Grift 623e4f0885 1/1] Make the ability to mmap zero conditional where this is fapplicable. 
Retry: forgot to include attribute mmap_low_domain_type attribute to domain_mmap_low()	:

Inspired by similar implementation in Fedora.
Wine and vbetool do not always actually need the ability to mmap a low area of the address space.
In some cases this can be silently denied.

Therefore introduce an interface that facilitates "mmap low" conditionally, and the corresponding boolean.
Also implement booleans for wine and vbetool that enables the ability to not audit attempts by wine and vbetool to mmap a low area of the address space.

Rename domain_mmap_low interface to domain_mmap_low_uncond.

Change call to domain_mmap_low to domain_mmap_low_uncond for xserver_t. Also move this call to distro redhat ifndef block because Redhat does not need this ability.

Signed-off-by: Dominick Grift <domg472@gmail.com>
 		2010-09-01 09:41:56 -04:00
..
ada.fc
ada.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
ada.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
authbind.fc
authbind.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
authbind.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
awstats.fc
awstats.if
awstats.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
calamaris.fc
calamaris.if
calamaris.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
cdrecord.fc
cdrecord.if
cdrecord.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
cpufreqselector.fc
cpufreqselector.if
cpufreqselector.te Cpufreqselector patch from Dan Walsh. 2010-06-21 09:03:11 -04:00
evolution.fc
evolution.if
evolution.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
games.fc
games.if
games.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
gift.fc
gift.if
gift.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
gitosis.fc gitosis patch from Dan Walsh 2010-06-29 11:25:37 -04:00
gitosis.if gitosis patch from Dan Walsh 2010-06-29 11:25:37 -04:00
gitosis.te Module version bump for 5f04c91. 2010-06-29 11:26:16 -04:00
gnome.fc Part of gnome patch from Dan Walsh. 2010-08-12 09:21:36 -04:00
gnome.if Part of gnome patch from Dan Walsh. 2010-08-12 09:21:36 -04:00
gnome.te Part of gnome patch from Dan Walsh. 2010-08-12 09:21:36 -04:00
gpg.fc
gpg.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
gpg.te GPG patch from Dan Walsh. 2010-07-06 10:58:40 -04:00
irc.fc
irc.if
irc.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
java.fc Java patch from Dan Walsh. 2010-05-14 10:40:59 -04:00
java.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
java.te Remove duplicate/redundant rules, from Russell Coker. 2010-07-07 08:41:20 -04:00
kdumpgui.fc Additional kdumpgui cleanup. 2010-08-10 09:21:01 -04:00
kdumpgui.if Policy for system-config-kdump gui from Dan Walsh 2010-08-10 09:05:43 -04:00
kdumpgui.te Additional kdumpgui cleanup. 2010-08-10 09:21:01 -04:00
livecd.fc Add livecd from Dan Walsh. 2010-07-07 10:28:25 -04:00
livecd.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
livecd.te Add livecd from Dan Walsh. 2010-07-07 10:28:25 -04:00
loadkeys.fc
loadkeys.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
loadkeys.te Loadkeys patch from Dan Walsh. 2010-06-18 15:12:33 -04:00
lockdev.fc
lockdev.if
lockdev.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
metadata.xml
mono.fc Mono patch from Dan Walsh. 2010-02-19 10:42:43 -05:00
mono.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
mono.te Remove improper usage of userdom_manage_home_role(), userdom_manage_tmp_role(), and userdom_manage_tmpfs_role(). 2010-07-06 13:17:05 -04:00
mozilla.fc Mozilla patch from Dan Walsh. 2010-06-21 09:36:39 -04:00
mozilla.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
mozilla.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
mplayer.fc
mplayer.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
mplayer.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
podsleuth.fc
podsleuth.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
podsleuth.te Podsleuth patch from Dan Walsh. 2010-06-22 09:01:38 -04:00
ptchown.fc add ptchown policy from dan. 2009-08-31 10:21:01 -04:00
ptchown.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
ptchown.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
pulseaudio.fc Tweaks on pulseaudio 1868383, ksmtuned d279dd6, and smokeping f3c346c. 2010-03-29 09:19:40 -04:00
pulseaudio.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
pulseaudio.te Add missing ubac constraints on pulseaudio. 2010-07-09 09:14:35 -04:00
qemu.fc Qemu patch from Dan Walsh. 2010-06-22 09:32:35 -04:00
qemu.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
qemu.te Qemu patch from Dan Walsh. 2010-06-22 09:32:35 -04:00
rssh.fc
rssh.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
rssh.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
sambagui.fc system-config-samba dbus service policy from Dan Walsh 2010-08-09 09:37:29 -04:00
sambagui.if system-config-samba dbus service policy from Dan Walsh 2010-08-09 09:37:29 -04:00
sambagui.te system-config-samba dbus service policy from Dan Walsh 2010-08-09 09:37:29 -04:00
screen.fc
screen.if Screen needs to setattr on user_ttydevice_t from Dan Walsh 2010-03-16 13:36:45 -04:00
screen.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
seunshare.fc add seunshare from dan. 2009-09-28 15:40:06 -04:00
seunshare.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
seunshare.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
slocate.fc
slocate.if
slocate.te Slocate patch from Dan Walsh. 2010-06-22 09:58:14 -04:00
thunderbird.fc
thunderbird.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
thunderbird.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
tvtime.fc
tvtime.if
tvtime.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
uml.fc
uml.if
uml.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
userhelper.fc
userhelper.if Interface documentation standardization patch from Dan Walsh. 2010-08-02 09:22:09 -04:00
userhelper.te Remove ethereal module since the application was renamed to wireshark due to trademark issues. 2010-07-07 09:31:57 -04:00
usernetctl.fc
usernetctl.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
usernetctl.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
vmware.fc VMWare patch from Dan Walsh. 2010-07-08 13:43:50 -04:00
vmware.if VMWare patch from Dan Walsh. 2010-07-08 13:43:50 -04:00
vmware.te VMWare patch from Dan Walsh. 2010-07-08 13:43:50 -04:00
webalizer.fc
webalizer.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
webalizer.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
wine.fc Wine patch from Dan Walsh. 2010-02-19 09:17:51 -05:00
wine.if 1/1] Make the ability to mmap zero conditional where this is fapplicable. 2010-09-01 09:41:56 -04:00
wine.te 1/1] Make the ability to mmap zero conditional where this is fapplicable. 2010-09-01 09:41:56 -04:00
wireshark.fc
wireshark.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
wireshark.te Module version bump for fa1847f. 2010-07-12 14:02:18 -04:00
wm.fc
wm.if Remove improper usage of userdom_manage_home_role(), userdom_manage_tmp_role(), and userdom_manage_tmpfs_role(). 2010-07-06 13:17:05 -04:00
wm.te Remove improper usage of userdom_manage_home_role(), userdom_manage_tmp_role(), and userdom_manage_tmpfs_role(). 2010-07-06 13:17:05 -04:00
xscreensaver.fc clean up xscreensaver. 2009-09-15 09:41:42 -04:00
xscreensaver.if clean up xscreensaver. 2009-09-15 09:41:42 -04:00
xscreensaver.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00
yam.fc
yam.if apps: domain { allowed to transition, allowed access, to not audit }. 2010-08-05 08:20:59 -04:00
yam.te Whitespace change: drop unnecessary blank line at the start of .te files. 2010-06-10 08:16:35 -04:00