--- nsaserefpolicy/policy/modules/system/application.fc 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-2.5.7/policy/modules/system/application.fc 2007-03-01 18:10:08.000000000 -0500
@@ -0,0 +1 @@
+# No application file contexts.
--- nsaserefpolicy/policy/modules/system/application.if 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-2.5.7/policy/modules/system/application.if 2007-03-02 11:44:19.000000000 -0500
@@ -0,0 +1,106 @@
+## Policy for application domains
+
+########################################
+##
+## Make the specified type usable as an application domain.
+##
+##
+##
+## Type to be used as a domain type.
+##
+##
+#
+interface(`application_type',`
+ gen_require(`
+ attribute application_domain_type;
+ ')
+
+ typeattribute $1 application_domain_type;
+
+ # start with basic domain
+ domain_type($1)
+')
+
+########################################
+##
+## Make the specified type usable for files
+## that are exectuables, such as binary programs.
+## This does not include shared libraries.
+##
+##
+##
+## Type to be used for files.
+##
+##
+#
+interface(`application_executable_file',`
+ gen_require(`
+ attribute application_exec_type;
+ ')
+
+ typeattribute $1 application_exec_type;
+
+ corecmd_executable_file($1)
+')
+
+########################################
+##
+## Execute application executables in the caller domain.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`application_exec',`
+ gen_require(`
+ attribute application_exec_type;
+ ')
+
+ can_exec($1, application_exec_type)
+')
+
+########################################
+##
+## Execute all executable files.
+##
+##
+##
+## Domain allowed access.
+##
+##
+##
+#
+interface(`application_exec_all',`
+ # Need this dontaudit or command completion fires hundreds of avcs
+ corecmd_dontaudit_exec_all_executables($1)
+ corecmd_exec_bin($1)
+ corecmd_exec_sbin($1)
+ corecmd_exec_shell($1)
+ corecmd_exec_ls($1)
+ corecmd_exec_chroot($1)
+ application_exec($1)
+')
+
+########################################
+##
+## Create a domain which can be started by users
+##
+##
+##
+## Type to be used as a domain.
+##
+##
+##
+##
+## Type of the program to be used as an entry point to this domain.
+##
+##
+#
+interface(`application_domain',`
+
+ application_type($1)
+ application_executable_file($2)
+ domain_entry_file($1,$2)
+')
--- nsaserefpolicy/policy/modules/system/application.te 1969-12-31 19:00:00.000000000 -0500
+++ serefpolicy-2.5.7/policy/modules/system/application.te 2007-03-02 11:39:09.000000000 -0500
@@ -0,0 +1,14 @@
+
+policy_module(application,1.0.0)
+
+# Attribute of user applications
+attribute application_domain_type;
+
+# Executables to be run by user
+attribute application_exec_type;
+
+optional_policy(`
+ ssh_sigchld(application_doman_type)
+ ssh_rw_stream_sockets(application_domain_type)
+')
+
--- nsaserefpolicy/policy/modules/system/selinuxutil.te 2007-02-19 11:32:53.000000000 -0500
+++ serefpolicy-2.5.7/policy/modules/system/selinuxutil.te 2007-03-02 11:45:02.000000000 -0500
@@ -26,11 +24,9 @@ files_type(selinux_config_t) type checkpolicy_t, can_write_binary_policy; -domain_type(checkpolicy_t) -role system_r types checkpolicy_t; - type checkpolicy_exec_t; -domain_entry_file(checkpolicy_t,checkpolicy_exec_t) +application_domain(checkpolicy_t, checkpolicy_exec_t) +role system_r types checkpolicy_t; # # default_context_t is the type applied to
@@ -47,21 +43,18 @@ files_type(file_context_t) type load_policy_t; -domain_type(load_policy_t) -role system_r types load_policy_t; - type load_policy_exec_t; -domain_entry_file(load_policy_t,load_policy_exec_t) +application_domain(load_policy_t,load_policy_exec_t) +role system_r types load_policy_t; type newrole_t; +type newrole_exec_t; +application_domain(newrole_t,newrole_exec_t) +role system_r types newrole_t; domain_role_change_exemption(newrole_t) domain_obj_id_change_exemption(newrole_t) -domain_type(newrole_t) domain_interactive_fd(newrole_t) -type newrole_exec_t; -domain_entry_file(newrole_t,newrole_exec_t) - # # policy_config_t is the type of /etc/security/selinux/* # the security server policy configuration.
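Review bot: The summary on `application_exec_all` says "Execute all executable files", but the body only grants exec for bin, sbin, shell, ls, chroot and `application_exec_type`, and covers everything else with `corecmd_dontaudit_exec_all_executables($1)`. Going by its name and the comment beside it, that call suppresses the AVC denials for the remaining executable types, so a caller that tries to run something it is not allowed to run leaves no audit record. I would reword the summary to something like `## Execute common system and application executables; denials on other executable types are not audited.` so that anyone using the interface sees the audit gap. The "exectuables" typo in the `application_executable_file` summary could be fixed at the same time.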
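Review bot: `ssh_sigchld(application_doman_type)` misspells the attribute that this same file declares as `application_domain_type`; the next line uses the correct name. With the undeclared name the module will presumably either fail to build or the sigchld rule will not reach application domains, so the line should read `ssh_sigchld(application_domain_type)`. Both ssh calls are made on the attribute, so every future `application_type()` caller inherits them. A comment above the `optional_policy` block saying why all application domains need access to sshd's stream sockets would make that grant reviewable.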
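Review bot: `application_domain(checkpolicy_t, checkpolicy_exec_t)` is not a like-for-like replacement for the removed `domain_type` and `domain_entry_file` calls. Per application.if in this patch, it also adds the domain to `application_domain_type` and its entry file to `application_exec_type`. The domain therefore picks up the ssh rules from the `optional_policy` block in application.te, and any domain granted `application_exec` can run the entry file in its own domain. The same applies to `load_policy_t` and `newrole_t` in the next hunk, and to `restorecon_t`, `run_init_t`, `semanage_t` and `setfiles_t` in the later ones. For domains that compile, load, relabel or manage policy, this widening should be confirmed as intended, for example by running `sesearch` on the built policy, and noted in the commit description.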
@@ -83,31 +76,39 @@ type restorecon_exec_t; domain_obj_id_change_exemption(restorecon_t) init_system_domain(restorecon_t,restorecon_exec_t) +application_domain(restorecon_t,restorecon_exec_t) role system_r types restorecon_t; type restorecond_t; type restorecond_exec_t; init_daemon_domain(restorecond_t,restorecond_exec_t) domain_obj_id_change_exemption(restorecond_t) -role system_r types restorecond_t; type restorecond_var_run_t; files_pid_file(restorecond_var_run_t) type run_init_t; type run_init_exec_t; -domain_type(run_init_t) -domain_entry_file(run_init_t,run_init_exec_t) +application_domain(run_init_t, run_init_exec_t) domain_system_change_exemption(run_init_t) +role system_r types run_init_t; type semanage_t; -domain_type(semanage_t) -domain_interactive_fd(semanage_t) - type semanage_exec_t; -domain_entry_file(semanage_t, semanage_exec_t) +application_domain(semanage_t, semanage_exec_t) +domain_interactive_fd(semanage_t) role system_r types semanage_t; +type semanage_gui_t; +type semanage_gui_exec_t; +application_domain(semanage_gui_t, semanage_gui_exec_t) +domain_interactive_fd(semanage_gui_t) +role system_r types semanage_gui_t; + +ifdef(`targeted_policy',` +init_system_domain(semanage_t, semanage_exec_t) +') + type semanage_store_t; files_type(semanage_store_t)
@@ -121,12 +122,10 @@ files_type(semanage_trans_lock_t) type setfiles_t, can_relabelto_binary_policy; -domain_obj_id_change_exemption(setfiles_t) -domain_type(setfiles_t) -role system_r types setfiles_t; - type setfiles_exec_t; -domain_entry_file(setfiles_t,setfiles_exec_t) +application_domain(setfiles_t,setfiles_exec_t) +role system_r types setfiles_t; +domain_obj_id_change_exemption(setfiles_t) ifdef(`distro_redhat',` init_system_domain(setfiles_t,setfiles_exec_t)
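Review bot: The new `targeted_policy` ifdef that calls `init_system_domain(semanage_t, semanage_exec_t)` has no comment, and by its name it lets init scripts start `semanage_t`, the domain that manages the policy store. A one-line comment such as `# targeted: <which init-run program> needs to run semanage` (placeholder to be filled in by the author) would record why that entry point exists. In the same hunk, `restorecon_t` now gets both `init_system_domain(...)` and `application_domain(...)` for the same entry file. `semanage_gui_t` is declared with a role and interactive-fd access, but no rules for it are visible here. Both are worth a sentence in the commit description, and the file continues outside the hunk.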