1 # FLASK 2 3 # 4 # Define the security object classes 5 # 6 7 # Classes marked as userspace are classes 8 # for userspace object managers 9 10 class security 11 class process 12 class system 13 class capability 14 15 # file-related classes 16 class filesystem 17 class file 18 class dir 19 class fd 20 class lnk_file 21 class chr_file 22 class blk_file 23 class sock_file 24 class fifo_file 25 26 # network-related classes 27 class socket 28 class tcp_socket 29 class udp_socket 30 class rawip_socket 31 class node 32 class netif 33 class netlink_socket 34 class packet_socket 35 class key_socket 36 class unix_stream_socket 37 class unix_dgram_socket 38 39 # sysv-ipc-related classes 40 class sem 41 class msg 42 class msgq 43 class shm 44 class ipc 45 46 # 47 # userspace object manager classes 48 # 49 50 # passwd/chfn/chsh 51 class passwd # userspace 52 53 # SE-X Windows stuff (more classes below) 54 class x_drawable # userspace 55 class x_screen # userspace 56 class x_gc # userspace 57 class x_font # userspace 58 class x_colormap # userspace 59 class x_property # userspace 60 class x_selection # userspace 61 class x_cursor # userspace 62 class x_client # userspace 63 class x_device # userspace 64 class x_server # userspace 65 class x_extension # userspace 66 67 # extended netlink sockets 68 class netlink_route_socket 69 class netlink_firewall_socket 70 class netlink_tcpdiag_socket 71 class netlink_nflog_socket 72 class netlink_xfrm_socket 73 class netlink_selinux_socket 74 class netlink_audit_socket 75 class netlink_ip6fw_socket 76 class netlink_dnrt_socket 77 78 class dbus # userspace 79 class nscd # userspace 80 81 # IPSec association 82 class association 83 84 # Updated Netlink class for KOBJECT_UEVENT family. 85 class netlink_kobject_uevent_socket 86 87 class appletalk_socket 88 89 class packet 90 91 # Kernel access key retention 92 class key 93 94 class context # userspace 95 96 class dccp_socket 97 98 class memprotect 99 100 class db_database # userspace 101 class db_table # userspace 102 class db_procedure # userspace 103 class db_column # userspace 104 class db_tuple # userspace 105 class db_blob # userspace 106 107 # network peer labels 108 class peer 109 110 # Capabilities >= 32 111 class capability2 112 113 # More SE-X Windows stuff 114 class x_resource # userspace 115 class x_event # userspace 116 class x_synthetic_event # userspace 117 class x_application_data # userspace 118 119 # kernel services that need to override task security, e.g. cachefiles 120 class kernel_service 121 122 class tun_socket 123 124 # Still More SE-X Windows stuff 125 class x_pointer # userspace 126 class x_keyboard # userspace 127 128 # More Database stuff 129 class db_schema # userspace 130 class db_view # userspace 131 class db_sequence # userspace 132 class db_language # userspace 133 134 class binder 135 class zygote 136 137 # Property service 138 class property_service # userspace 139 140 # Service manager 141 class service_manager # userspace 142 143 # Keystore Key 144 class keystore_key # userspace 145 146 # FLASK 147