selinux-refpolicy/policy/modules/kernel/mls.if
Chris PeBenito e1a70f1dde trunk: add MLS constrains for ingress/egress permissions from Paul Moore.
Add MLS constraints for several network related access controls including
the new ingress/egress controls and the older Secmark controls.  Based on
the following post to the SELinux Reference Policy mailing list:

 * http://oss.tresys.com/pipermail/refpolicy/2009-February/000579.html
2009-03-02 15:16:49 +00:00

985 lines
19 KiB
Plaintext

## <summary>Multilevel security policy</summary>
## <desc>
## <p>
## This module contains interfaces for handling multilevel
## security. The interfaces allow the specified subjects
## and objects to be allowed certain privileges in the
## MLS rules.
## </p>
## </desc>
## <required val="true">
## Contains attributes used in MLS policy.
## </required>
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from files up to its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_read_to_clearance',`
gen_require(`
attribute mlsfilereadtoclr;
')
typeattribute $1 mlsfilereadtoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from files at all levels. (Deprecated)
## </summary>
## <desc>
## <p>
## Make specified domain MLS trusted
## for reading from files at all levels.
## </p>
## <p>
## This interface has been deprecated, please use
## mls_file_read_all_levels() instead.
## </p>
## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mls_file_read_up',`
refpolicywarn(`$0($*) has been deprecated, please use mls_file_read_all_levels() instead.')
mls_file_read_all_levels($1)
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from files at all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_read_all_levels',`
gen_require(`
attribute mlsfileread;
')
typeattribute $1 mlsfileread;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for write to files up to its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_write_to_clearance',`
gen_require(`
attribute mlsfilewritetoclr;
')
typeattribute $1 mlsfilewritetoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to files at all levels. (Deprecated)
## </summary>
## <desc>
## <p>
## Make specified domain MLS trusted
## for writing to files at all levels.
## </p>
## <p>
## This interface has been deprecated, please use
## mls_file_write_all_levels() instead.
## </p>
## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mls_file_write_down',`
refpolicywarn(`$0($*) has been deprecated, please use mls_file_write_all_levels() instead.')
mls_file_write_all_levels($1)
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to files at all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_write_all_levels',`
gen_require(`
attribute mlsfilewrite;
')
typeattribute $1 mlsfilewrite;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for raising the level of files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_upgrade',`
gen_require(`
attribute mlsfileupgrade;
')
typeattribute $1 mlsfileupgrade;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for lowering the level of files.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_downgrade',`
gen_require(`
attribute mlsfiledowngrade;
')
typeattribute $1 mlsfiledowngrade;
')
########################################
## <summary>
## Make specified domain trusted to
## be written to within its MLS range.
## The subject's MLS range must be a
## proper subset of the object's MLS range.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_file_write_within_range',`
gen_require(`
attribute mlsfilewriteinrange;
')
typeattribute $1 mlsfilewriteinrange;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from sockets at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_socket_read_all_levels',`
gen_require(`
attribute mlsnetread;
')
typeattribute $1 mlsnetread;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from sockets at any level
## that is dominated by the process clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_socket_read_to_clearance',`
gen_require(`
attribute mlsnetreadtoclr;
')
typeattribute $1 mlsnetreadtoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to sockets up to
## its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_socket_write_to_clearance',`
gen_require(`
attribute mlsnetwritetoclr;
')
typeattribute $1 mlsnetwritetoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to sockets at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_socket_write_all_levels',`
gen_require(`
attribute mlsnetwrite;
')
typeattribute $1 mlsnetwrite;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for receiving network data from
## network interfaces or hosts at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_net_receive_all_levels',`
gen_require(`
attribute mlsnetrecvall;
')
typeattribute $1 mlsnetrecvall;
')
########################################
## <summary>
## Make specified domain trusted to
## write to network objects within its MLS range.
## The subject's MLS range must be a
## proper subset of the object's MLS range.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_net_write_within_range',`
gen_require(`
attribute mlsnetwriteranged;
')
typeattribute $1 mlsnetwriteranged;
')
########################################
## <summary>
## Make specified domain trusted to
## write inbound packets regardless of the
## network's or node's MLS range.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_net_inbound_all_levels',`
gen_require(`
attribute mlsnetinbound;
')
typeattribute $1 mlsnetinbound;
')
########################################
## <summary>
## Make specified domain trusted to
## write outbound packets regardless of the
## network's or node's MLS range.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_net_outbound_all_levels',`
gen_require(`
attribute mlsnetoutbound;
')
typeattribute $1 mlsnetoutbound;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from System V IPC objects
## up to its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_sysvipc_read_to_clearance',`
gen_require(`
attribute mlsipcreadtoclr;
')
typeattribute $1 mlsipcreadtoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from System V IPC objects
## at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_sysvipc_read_all_levels',`
gen_require(`
attribute mlsipcread;
')
typeattribute $1 mlsipcread;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to System V IPC objects
## up to its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_sysvipc_write_to_clearance',`
gen_require(`
attribute mlsipcwritetoclr;
')
typeattribute $1 mlsipcwritetoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to System V IPC objects
## at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_sysvipc_write_all_levels',`
gen_require(`
attribute mlsipcwrite;
')
typeattribute $1 mlsipcwrite;
')
########################################
## <summary>
## Allow the specified domain to do a MLS
## range transition that changes
## the current level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mls_rangetrans_source',`
gen_require(`
attribute privrangetrans;
')
typeattribute $1 privrangetrans;
')
########################################
## <summary>
## Make specified domain a target domain
## for MLS range transitions that change
## the current level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mls_rangetrans_target',`
gen_require(`
attribute mlsrangetrans;
')
typeattribute $1 mlsrangetrans;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from processes up to
## its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_process_read_to_clearance',`
gen_require(`
attribute mlsprocreadtoclr;
')
typeattribute $1 mlsprocreadtoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from processes at all levels. (Deprecated)
## </summary>
## <desc>
## <p>
## Make specified domain MLS trusted
## for reading from processes at all levels.
## </p>
## <p>
## This interface has been deprecated, please use
## mls_process_read_all_levels() instead.
## </p>
## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mls_process_read_up',`
# refpolicywarn(`$0($*) has been deprecated, please use mls_process_read_all_levels() instead.')
mls_process_read_all_levels($1)
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from processes at all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_process_read_all_levels',`
gen_require(`
attribute mlsprocread;
')
typeattribute $1 mlsprocread;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to processes up to
## its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_process_write_to_clearance',`
gen_require(`
attribute mlsprocwritetoclr;
')
typeattribute $1 mlsprocwritetoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to processes at all levels. (Deprecated)
## </summary>
## <desc>
## <p>
## Make specified domain MLS trusted
## for writing to processes at all levels.
## </p>
## <p>
## This interface has been deprecated, please use
## mls_process_write_all_levels() instead.
## </p>
## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`mls_process_write_down',`
# refpolicywarn(`$0($*) has been deprecated, please use mls_process_write_all_levels() instead.')
mls_process_write_all_levels($1)
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to processes at all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_process_write_all_levels',`
gen_require(`
attribute mlsprocwrite;
')
typeattribute $1 mlsprocwrite;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for setting the level of processes
## it executes.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_process_set_level',`
gen_require(`
attribute mlsprocsetsl;
')
typeattribute $1 mlsprocsetsl;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from X objects up to its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_xwin_read_to_clearance',`
gen_require(`
attribute mlsxwinreadtoclr;
')
typeattribute $1 mlsxwinreadtoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from X objects at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_xwin_read_all_levels',`
gen_require(`
attribute mlsxwinread;
')
typeattribute $1 mlsxwinread;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for write to X objects up to its clearance.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_xwin_write_to_clearance',`
gen_require(`
attribute mlsxwinwritetoclr;
')
typeattribute $1 mlsxwinwritetoclr;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to X objects at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_xwin_write_all_levels',`
gen_require(`
attribute mlsxwinwrite;
')
typeattribute $1 mlsxwinwrite;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from X colormaps at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_colormap_read_all_levels',`
gen_require(`
attribute mlsxwinreadcolormap;
')
typeattribute $1 mlsxwinreadcolormap;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to X colormaps at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_colormap_write_all_levels',`
gen_require(`
attribute mlsxwinwritecolormap;
')
typeattribute $1 mlsxwinwritecolormap;
')
########################################
## <summary>
## Make specified object MLS trusted.
## </summary>
## <desc>
## <p>
## Make specified object MLS trusted. This
## allows all levels to read and write the
## object.
## </p>
## <p>
## This currently only applies to filesystem
## objects, for example, files and directories.
## </p>
## </desc>
## <param name="domain">
## <summary>
## The type of the object.
## </summary>
## </param>
#
interface(`mls_trusted_object',`
gen_require(`
attribute mlstrustedobject;
')
typeattribute $1 mlstrustedobject;
')
########################################
## <summary>
## Make the specified domain trusted
## to inherit and use file descriptors
## from all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_fd_use_all_levels',`
gen_require(`
attribute mlsfduse;
')
typeattribute $1 mlsfduse;
')
########################################
## <summary>
## Make the file descriptors from the
## specifed domain inheritable by
## all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_fd_share_all_levels',`
gen_require(`
attribute mlsfdshare;
')
typeattribute $1 mlsfdshare;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for translating contexts at all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_context_translate_all_levels',`
gen_require(`
attribute mlstranslate;
')
typeattribute $1 mlstranslate;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for reading from databases at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_db_read_all_levels',`
gen_require(`
attribute mlsdbread;
')
typeattribute $1 mlsdbread;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for writing to databases at any level.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_db_write_all_levels',`
gen_require(`
attribute mlsdbwrite;
')
typeattribute $1 mlsdbwrite;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for raising the level of databases.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_db_upgrade',`
gen_require(`
attribute mlsdbupgrade;
')
typeattribute $1 mlsdbupgrade;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for lowering the level of databases.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_db_downgrade',`
gen_require(`
attribute mlsdbdowngrade;
')
typeattribute $1 mlsdbdowngrade;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for sending dbus messages to
## all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_dbus_send_all_levels',`
gen_require(`
attribute mlsdbussend;
')
typeattribute $1 mlsdbussend;
')
########################################
## <summary>
## Make specified domain MLS trusted
## for receiving dbus messages from
## all levels.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
## <rolecap/>
#
interface(`mls_dbus_recv_all_levels',`
gen_require(`
attribute mlsdbusrecv;
')
typeattribute $1 mlsdbusrecv;
')