Chris PeBenito 134191
# FLASK
Chris PeBenito 134191
Chris PeBenito 134191
#
Chris PeBenito 134191
# Define the security object classes 
Chris PeBenito 134191
#
Chris PeBenito 134191
Chris PeBenito db93d7
# Classes marked as userspace are classes
Chris PeBenito db93d7
# for userspace object managers
Chris PeBenito db93d7
Chris PeBenito 134191
class security
Chris PeBenito 134191
class process
Chris PeBenito 134191
class system
Chris PeBenito 134191
class capability
Chris PeBenito 134191
Chris PeBenito 134191
# file-related classes
Chris PeBenito 134191
class filesystem
Chris PeBenito 134191
class file
Chris PeBenito 134191
class dir
Chris PeBenito 134191
class fd
Chris PeBenito 134191
class lnk_file
Chris PeBenito 134191
class chr_file
Chris PeBenito 134191
class blk_file
Chris PeBenito 134191
class sock_file
Chris PeBenito 134191
class fifo_file
Chris PeBenito 134191
Chris PeBenito 134191
# network-related classes
Chris PeBenito 134191
class socket
Chris PeBenito 134191
class tcp_socket
Chris PeBenito 134191
class udp_socket
Chris PeBenito 134191
class rawip_socket
Chris PeBenito 134191
class node
Chris PeBenito 134191
class netif
Chris PeBenito 134191
class netlink_socket
Chris PeBenito 134191
class packet_socket
Chris PeBenito 134191
class key_socket
Chris PeBenito 134191
class unix_stream_socket
Chris PeBenito 134191
class unix_dgram_socket
Chris PeBenito 134191
Chris PeBenito 134191
# sysv-ipc-related classes
Chris PeBenito 134191
class sem
Chris PeBenito 134191
class msg
Chris PeBenito 134191
class msgq
Chris PeBenito 134191
class shm
Chris PeBenito 134191
class ipc
Chris PeBenito 134191
Chris PeBenito 134191
#
Chris PeBenito 134191
# userspace object manager classes
Chris PeBenito 134191
#
Chris PeBenito 134191
Chris PeBenito 134191
# passwd/chfn/chsh
Chris PeBenito db93d7
class passwd			# userspace
Chris PeBenito 134191
Chris PeBenito 2c12b4
# SE-X Windows stuff (more classes below)
Chris PeBenito 2c12b4
class x_drawable		# userspace
Chris PeBenito 2c12b4
class x_screen			# userspace
Chris PeBenito 2c12b4
class x_gc			# userspace
Chris PeBenito 2c12b4
class x_font			# userspace
Chris PeBenito 2c12b4
class x_colormap		# userspace
Chris PeBenito 2c12b4
class x_property		# userspace
Chris PeBenito 2c12b4
class x_selection		# userspace
Chris PeBenito 2c12b4
class x_cursor			# userspace
Chris PeBenito 2c12b4
class x_client			# userspace
Chris PeBenito 2c12b4
class x_device			# userspace
Chris PeBenito 2c12b4
class x_server			# userspace
Chris PeBenito 2c12b4
class x_extension		# userspace
Chris PeBenito 134191
Chris PeBenito 134191
# extended netlink sockets
Chris PeBenito 134191
class netlink_route_socket
Chris PeBenito 134191
class netlink_firewall_socket
Chris PeBenito 134191
class netlink_tcpdiag_socket
Chris PeBenito 134191
class netlink_nflog_socket
Chris PeBenito 134191
class netlink_xfrm_socket
Chris PeBenito 134191
class netlink_selinux_socket
Chris PeBenito 134191
class netlink_audit_socket
Chris PeBenito 134191
class netlink_ip6fw_socket
Chris PeBenito 134191
class netlink_dnrt_socket
Chris PeBenito 134191
Chris PeBenito db93d7
class dbus			# userspace
Chris PeBenito db93d7
class nscd			# userspace
Chris PeBenito 134191
Chris PeBenito 134191
# IPSec association
Chris PeBenito 134191
class association
Chris PeBenito 134191
Chris PeBenito 134191
# Updated Netlink class for KOBJECT_UEVENT family.
Chris PeBenito 134191
class netlink_kobject_uevent_socket
Chris PeBenito 134191
Chris PeBenito f40b22
class appletalk_socket
Chris PeBenito f40b22
Chris PeBenito c55b6f
class packet
Chris PeBenito c55b6f
Chris PeBenito fe3a1e
# Kernel access key retention
Chris PeBenito fe3a1e
class key
Chris PeBenito fe3a1e
Chris PeBenito a8671a
class context			# userspace
Chris PeBenito a8671a
Chris PeBenito a715dc
class dccp_socket
Chris PeBenito a715dc
Chris PeBenito 41337a
class memprotect
Chris PeBenito 41337a
Chris PeBenito 9760cb
class db_database		# userspace
Chris PeBenito 9760cb
class db_table			# userspace
Chris PeBenito 9760cb
class db_procedure		# userspace
Chris PeBenito 9760cb
class db_column			# userspace
Chris PeBenito 9760cb
class db_tuple			# userspace
Chris PeBenito 9760cb
class db_blob			# userspace
Chris PeBenito 9760cb
Chris PeBenito f3da31
# network peer labels
Chris PeBenito f3da31
class peer
Chris PeBenito f3da31
Chris PeBenito 8b9ffe
# Capabilities >= 32
Chris PeBenito 8b9ffe
class capability2
Chris PeBenito 8b9ffe
Chris PeBenito 2c12b4
# More SE-X Windows stuff
Chris PeBenito 2c12b4
class x_resource		# userspace
Chris PeBenito 2c12b4
class x_event			# userspace
Chris PeBenito 2c12b4
class x_synthetic_event		# userspace
Chris PeBenito d923d5
class x_application_data	# userspace
Chris PeBenito 2c12b4
Chris PeBenito 347a70
# kernel services that need to override task security, e.g. cachefiles
Chris PeBenito 347a70
class kernel_service 
Chris PeBenito 347a70
Paul Moore 333494
class tun_socket
Paul Moore 333494
Eamon Walsh e4928c
# Still More SE-X Windows stuff
Eamon Walsh e4928c
class x_pointer			# userspace
Eamon Walsh e4928c
class x_keyboard		# userspace
Eamon Walsh e4928c
Chris PeBenito 134191
# FLASK