File: iodine.te

iodine 0.6.0~rc1-2+deb6u1
# Sample post-initialization SELinux policy for Iodine
#
# Declares a domain, iodine_t, that a process running as initrc_t may enter
# through a dynamic transition, and grants that domain the socket and tun/tap
# access listed below. This is a sample: check every rule against the labels
# actually present on the target system before loading it.
policy_module(iodine, 1.1)

# Types and object classes defined outside this module that the rules below
# refer to.
# NOTE(review): init_t is required here but no rule in this file uses it.
# NOTE(review): the process class (dyntransition permission) is used below but
# is not listed here - presumably the build environment supplies it; confirm.
require {
	type init_t;
	type initrc_t;
	type unconfined_t;
	type unlabeled_t;
	class udp_socket { read write };
	class rawip_socket { write read };
	class association recvfrom;
	class unix_dgram_socket { create connect };
}

# New type for the confined process, marked as a process domain.
type iodine_t;
domain_type(iodine_t)
# Permit a dynamic transition from initrc_t into iodine_t. Both lines name the
# whole initrc_t domain as the source, so the grant is not limited to the
# iodine daemon: anything running as initrc_t may switch to iodine_t.
# A dynamic transition is requested by the running process itself, so the
# confinement only starts once the daemon asks for it; until then it runs with
# the access of initrc_t.
# NOTE(review): the header calls this a post-initialization policy, which
# suggests the daemon switches context after its privileged setup - confirm
# how the daemon is told to do so.
domain_dyntrans_type(initrc_t)
allow initrc_t iodine_t:process dyntransition;

# Read/write access to UDP and raw IP sockets labeled unconfined_t, i.e.
# sockets that iodine_t did not create itself.
# NOTE(review): presumably these are the sockets opened before the transition
# and kept afterwards. The transition rule above starts from initrc_t, while
# these rules expect unconfined_t labels - confirm which domain really creates
# the sockets, and narrow the rules if it is not unconfined_t.
allow iodine_t unconfined_t:udp_socket { read write };
allow iodine_t unconfined_t:rawip_socket { write read };
# Accept traffic arriving on an association labeled unlabeled_t.
# NOTE(review): on a host using labeled networking this admits unlabeled
# peers; confirm that is intended.
allow iodine_t unlabeled_t:association recvfrom;
# The domain may create and connect its own Unix datagram sockets.
# NOTE(review): probably for logging to syslog - confirm. No sendto/write
# permission is granted here.
allow iodine_t self:unix_dgram_socket { create connect };
# Interfaces defined outside this file. Going by their names they allow
# receiving raw IP packets on generic nodes and reading/writing the tun/tap
# device - verify against the interface definitions in the installed policy.
corenet_raw_receive_generic_node(iodine_t)
corenet_rw_tun_tap_dev(iodine_t)