selinux-refpolicy/mls/types/security.te

61 lines
1.4 KiB
Plaintext

#
# Authors: Stephen Smalley <sds@epoch.ncsc.mil> and Timothy Fraser
#
############################################
#
# Security types
#
#
# security_t is the target type when checking
# the permissions in the security class. It is also
# applied to selinuxfs inodes.
#
type security_t, mount_point, fs_type, mlstrustedobject;
dontaudit domain security_t:dir search;
dontaudit domain security_t:file { getattr read };
#
# policy_config_t is the type of /etc/security/selinux/*
# the security server policy configuration.
#
type policy_config_t, file_type, secadmfile;
# Since libselinux attempts to read these by default, most domains
# do not need it.
dontaudit domain selinux_config_t:dir search;
dontaudit domain selinux_config_t:file { getattr read };
#
# policy_src_t is the type of the policy source
# files.
#
type policy_src_t, file_type, secadmfile;
#
# default_context_t is the type applied to
# /etc/selinux/*/contexts/*
#
type default_context_t, file_type, login_contexts, secadmfile;
#
# file_context_t is the type applied to
# /etc/selinux/*/contexts/files
#
type file_context_t, file_type, secadmfile;
#
# no_access_t is the type for objects that should
# only be accessed administratively.
#
type no_access_t, file_type, sysadmfile;
#
# selinux_config_t is the type applied to
# /etc/selinux/config
#
type selinux_config_t, file_type, secadmfile;