      1 # FLASK
      2 
      3 #
      4 # Define the security object classes
      5 #
        # Each `class NAME` line declares one object class that policy rules can
        # refer to. Only names are declared here; no permissions appear in this file.
        # NOTE(review): later groups are headed "More ..." and "Still More ...",
        # which suggests classes are appended over time rather than inserted;
        # confirm whether declaration order matters to the tooling before reordering.
      6 
      7 # Classes marked as userspace are classes
      8 # for userspace object managers
        # The "# userspace" tag is an ordinary comment; nothing in this file
        # validates it. For a tagged class the access check has to be made by the
        # userspace program that owns the objects, so a check missing there is
        # not backstopped by the kernel.
      9 
        # The four classes below carry no userspace tag.
     10 class security
     11 class process
     12 class system
     13 class capability
     14 
     15 # file-related classes
        # Each kind of filesystem object has its own class, so a rule written for
        # `file` does not also cover `chr_file`, `blk_file` and the others; every
        # class a domain needs must be named explicitly in policy.
     16 class filesystem
     17 class file
     18 class dir
     19 class fd
     20 class lnk_file
     21 class chr_file
     22 class blk_file
     23 class sock_file
     24 class fifo_file
     25 
     26 # network-related classes
        # Socket classes are split by family/type, so access to one (for example
        # tcp_socket) can be granted without granting rawip_socket or packet_socket.
        # NOTE(review): `socket` is presumably the generic class for families that
        # have no dedicated class, and `node` / `netif` by name label hosts and
        # interfaces rather than sockets - confirm.
     27 class socket
     28 class tcp_socket
     29 class udp_socket
     30 class rawip_socket
     31 class node
     32 class netif
     33 class netlink_socket
     34 class packet_socket
     35 class key_socket
     36 class unix_stream_socket
     37 class unix_dgram_socket
     38 
     39 # sysv-ipc-related classes
        # One class per System V IPC object type; none carries the userspace tag.
        # NOTE(review): `ipc` is presumably a generic IPC class alongside the
        # specific ones - confirm.
     40 class sem
     41 class msg
     42 class msgq
     43 class shm
     44 class ipc
     45 
     46 #
     47 # userspace object manager classes
     48 #
        # Every class in this group is tagged userspace: permission checks on
        # these objects are expected to be made by the owning program itself.
     49 
     50 # passwd/chfn/chsh
     51 class passwd			# userspace
     52 
     53 # SE-X Windows stuff (more classes below)
        # Further x_* classes are declared in two later groups of this file.
     54 class x_drawable		# userspace
     55 class x_screen			# userspace
     56 class x_gc			# userspace
     57 class x_font			# userspace
     58 class x_colormap		# userspace
     59 class x_property		# userspace
     60 class x_selection		# userspace
     61 class x_cursor			# userspace
     62 class x_client			# userspace
     63 class x_device			# userspace
     64 class x_server			# userspace
     65 class x_extension		# userspace
     66 
     67 # extended netlink sockets
        # One class per netlink protocol, in addition to the generic netlink_socket
        # declared with the network classes. The split lets policy grant, for
        # example, the routing channel without the audit or SELinux channels.
     68 class netlink_route_socket
     69 class netlink_firewall_socket
     70 class netlink_tcpdiag_socket
     71 class netlink_nflog_socket
     72 class netlink_xfrm_socket
     73 class netlink_selinux_socket
     74 class netlink_audit_socket
     75 class netlink_ip6fw_socket
     76 class netlink_dnrt_socket
     77 
        # Both classes below are tagged userspace, so the checks are made by the
        # owning daemons rather than by the kernel.
     78 class dbus			# userspace
     79 class nscd			# userspace
     80 
     81 # IPSec association
     82 class association
     83 
     84 # Updated Netlink class for KOBJECT_UEVENT family.
     85 class netlink_kobject_uevent_socket
     86 
     87 class appletalk_socket
     88 
        # NOTE(review): `packet` is a separate class from packet_socket above;
        # presumably it labels individual network packets - confirm.
     89 class packet
     90 
     91 # Kernel access key retention
     92 class key
     93 
     94 class context			# userspace
     95 
     96 class dccp_socket
     97 
        # NOTE(review): no comment or userspace tag; by name this covers
        # memory-protection checks - confirm against its permission definitions.
     98 class memprotect
     99 
        # Database object classes, all tagged userspace: enforcement is left to
        # the database software acting as object manager, not the kernel.
        # More db_* classes are declared in a later group of this file.
    100 class db_database		# userspace
    101 class db_table			# userspace
    102 class db_procedure		# userspace
    103 class db_column			# userspace
    104 class db_tuple			# userspace
    105 class db_blob			# userspace
    106 
    107 # network peer labels
    108 class peer
    109 
    110 # Capabilities >= 32
        # Separate from the `capability` class declared at the top of the file:
        # a rule granting permissions on `capability` grants nothing here, so
        # capabilities numbered 32 and above need their own rules on this class.
    111 class capability2
    112 
    113 # More SE-X Windows stuff
        # Continues the x_* group declared earlier; all tagged userspace.
    114 class x_resource		# userspace
    115 class x_event			# userspace
    116 class x_synthetic_event		# userspace
    117 class x_application_data	# userspace
    118 
    119 # kernel services that need to override task security, e.g. cachefiles
    120 class kernel_service
    121 
        # NOTE(review): no comment or userspace tag; by name this covers
        # TUN/TAP devices - confirm.
    122 class tun_socket
    123 
    124 # Still More SE-X Windows stuff
    125 class x_pointer			# userspace
    126 class x_keyboard		# userspace
    127 
    128 # More Database stuff
        # Continues the db_* group declared earlier; all tagged userspace.
    129 class db_schema			# userspace
    130 class db_view			# userspace
    131 class db_sequence		# userspace
    132 class db_language		# userspace
    133 
        # NOTE(review): binder and zygote carry neither a comment nor a userspace
        # tag. If either is enforced by a userspace process rather than by a
        # kernel hook, tag it like the classes below so readers know where the
        # check lives - confirm.
    134 class binder
    135 class zygote
    136 
        # The three classes below are tagged userspace: the access decision is
        # only effective if the named service performs the check before acting
        # on a request.
    137 # Property service
    138 class property_service          # userspace
    139 
    140 # Service manager
    141 class service_manager           # userspace
    142 
    143 # Keystore Key
    144 class keystore_key              # userspace
    145 
    146 # FLASK
    147