|
Chris PeBenito |
134191 |
# FLASK
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
#
|
|
Chris PeBenito |
134191 |
# Define the security object classes
|
|
Chris PeBenito |
134191 |
#
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
db93d7 |
# Classes marked as userspace are classes
|
|
Chris PeBenito |
db93d7 |
# for userspace object managers
|
|
Chris PeBenito |
db93d7 |
|
|
Chris PeBenito |
134191 |
class security
|
|
Chris PeBenito |
134191 |
class process
|
|
Chris PeBenito |
134191 |
class system
|
|
Chris PeBenito |
134191 |
class capability
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# file-related classes
|
|
Chris PeBenito |
134191 |
class filesystem
|
|
Chris PeBenito |
134191 |
class file
|
|
Chris PeBenito |
134191 |
class dir
|
|
Chris PeBenito |
134191 |
class fd
|
|
Chris PeBenito |
134191 |
class lnk_file
|
|
Chris PeBenito |
134191 |
class chr_file
|
|
Chris PeBenito |
134191 |
class blk_file
|
|
Chris PeBenito |
134191 |
class sock_file
|
|
Chris PeBenito |
134191 |
class fifo_file
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# network-related classes
|
|
Chris PeBenito |
134191 |
class socket
|
|
Chris PeBenito |
134191 |
class tcp_socket
|
|
Chris PeBenito |
134191 |
class udp_socket
|
|
Chris PeBenito |
134191 |
class rawip_socket
|
|
Chris PeBenito |
134191 |
class node
|
|
Chris PeBenito |
134191 |
class netif
|
|
Chris PeBenito |
134191 |
class netlink_socket
|
|
Chris PeBenito |
134191 |
class packet_socket
|
|
Chris PeBenito |
134191 |
class key_socket
|
|
Chris PeBenito |
134191 |
class unix_stream_socket
|
|
Chris PeBenito |
134191 |
class unix_dgram_socket
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# sysv-ipc-related classes
|
|
Chris PeBenito |
134191 |
class sem
|
|
Chris PeBenito |
134191 |
class msg
|
|
Chris PeBenito |
134191 |
class msgq
|
|
Chris PeBenito |
134191 |
class shm
|
|
Chris PeBenito |
134191 |
class ipc
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
#
|
|
Chris PeBenito |
134191 |
# userspace object manager classes
|
|
Chris PeBenito |
134191 |
#
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# passwd/chfn/chsh
|
|
Chris PeBenito |
db93d7 |
class passwd # userspace
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
2c12b4 |
# SE-X Windows stuff (more classes below)
|
|
Chris PeBenito |
2c12b4 |
class x_drawable # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_screen # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_gc # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_font # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_colormap # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_property # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_selection # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_cursor # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_client # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_device # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_server # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_extension # userspace
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# extended netlink sockets
|
|
Chris PeBenito |
134191 |
class netlink_route_socket
|
|
Chris PeBenito |
134191 |
class netlink_firewall_socket
|
|
Chris PeBenito |
134191 |
class netlink_tcpdiag_socket
|
|
Chris PeBenito |
134191 |
class netlink_nflog_socket
|
|
Chris PeBenito |
134191 |
class netlink_xfrm_socket
|
|
Chris PeBenito |
134191 |
class netlink_selinux_socket
|
|
Chris PeBenito |
134191 |
class netlink_audit_socket
|
|
Chris PeBenito |
134191 |
class netlink_ip6fw_socket
|
|
Chris PeBenito |
134191 |
class netlink_dnrt_socket
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
db93d7 |
class dbus # userspace
|
|
Chris PeBenito |
db93d7 |
class nscd # userspace
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# IPSec association
|
|
Chris PeBenito |
134191 |
class association
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
134191 |
# Updated Netlink class for KOBJECT_UEVENT family.
|
|
Chris PeBenito |
134191 |
class netlink_kobject_uevent_socket
|
|
Chris PeBenito |
134191 |
|
|
Chris PeBenito |
f40b22 |
class appletalk_socket
|
|
Chris PeBenito |
f40b22 |
|
|
Chris PeBenito |
c55b6f |
class packet
|
|
Chris PeBenito |
c55b6f |
|
|
Chris PeBenito |
fe3a1e |
# Kernel access key retention
|
|
Chris PeBenito |
fe3a1e |
class key
|
|
Chris PeBenito |
fe3a1e |
|
|
Chris PeBenito |
a8671a |
class context # userspace
|
|
Chris PeBenito |
a8671a |
|
|
Chris PeBenito |
a715dc |
class dccp_socket
|
|
Chris PeBenito |
a715dc |
|
|
Chris PeBenito |
41337a |
class memprotect
|
|
Chris PeBenito |
41337a |
|
|
Chris PeBenito |
9760cb |
class db_database # userspace
|
|
Chris PeBenito |
9760cb |
class db_table # userspace
|
|
Chris PeBenito |
9760cb |
class db_procedure # userspace
|
|
Chris PeBenito |
9760cb |
class db_column # userspace
|
|
Chris PeBenito |
9760cb |
class db_tuple # userspace
|
|
Chris PeBenito |
9760cb |
class db_blob # userspace
|
|
Chris PeBenito |
9760cb |
|
|
Chris PeBenito |
f3da31 |
# network peer labels
|
|
Chris PeBenito |
f3da31 |
class peer
|
|
Chris PeBenito |
f3da31 |
|
|
Chris PeBenito |
8b9ffe |
# Capabilities >= 32
|
|
Chris PeBenito |
8b9ffe |
class capability2
|
|
Chris PeBenito |
8b9ffe |
|
|
Chris PeBenito |
2c12b4 |
# More SE-X Windows stuff
|
|
Chris PeBenito |
2c12b4 |
class x_resource # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_event # userspace
|
|
Chris PeBenito |
2c12b4 |
class x_synthetic_event # userspace
|
|
Chris PeBenito |
d923d5 |
class x_application_data # userspace
|
|
Chris PeBenito |
2c12b4 |
|
|
Chris PeBenito |
347a70 |
# kernel services that need to override task security, e.g. cachefiles
|
|
Chris PeBenito |
347a70 |
class kernel_service
|
|
Chris PeBenito |
347a70 |
|
|
Paul Moore |
333494 |
class tun_socket
|
|
Paul Moore |
333494 |
|
|
Eamon Walsh |
e4928c |
# Still More SE-X Windows stuff
|
|
Eamon Walsh |
e4928c |
class x_pointer # userspace
|
|
Eamon Walsh |
e4928c |
class x_keyboard # userspace
|
|
Eamon Walsh |
e4928c |
|
|
Chris PeBenito |
134191 |
# FLASK
|