|
Chris PeBenito |
17de1b |
## <summary>Multilevel security policy</summary>
|
|
Chris PeBenito |
17de1b |
## <desc>
|
|
Chris PeBenito |
17de1b |
##
|
|
Chris PeBenito |
17de1b |
## This module contains interfaces for handling multilevel
|
|
Chris PeBenito |
17de1b |
## security. The interfaces allow the specified subjects
|
|
Chris PeBenito |
17de1b |
## and objects to be allowed certain privileges in the
|
|
Chris PeBenito |
17de1b |
## MLS rules.
|
|
Chris PeBenito |
17de1b |
##
|
|
Chris PeBenito |
17de1b |
## </desc>
|
|
Chris PeBenito |
17de1b |
## <required val="true">
|
|
Chris PeBenito |
17de1b |
## Contains attributes used in MLS policy.
|
|
Chris PeBenito |
17de1b |
## </required>
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from files at higher levels.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_file_read_up',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsfileread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsfileread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for writing to files at lower levels.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_file_write_down',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsfilewrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsfilewrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for raising the level of files.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_file_upgrade',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsfileupgrade;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsfileupgrade;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for lowering the level of files.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
bbcd3c |
## <rolecap/>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_file_downgrade',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsfiledowngrade;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsfiledowngrade;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from sockets at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_socket_read_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsnetread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsnetread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from sockets at any level
|
|
Chris PeBenito |
17de1b |
## that is dominated by the process clearance.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_socket_read_to_clearance',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsnetreadtoclr;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsnetreadtoclr;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for writing to sockets at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_socket_write_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsnetwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsnetwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for receiving network data from
|
|
Chris PeBenito |
17de1b |
## network interfaces or hosts at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_net_receive_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsnetrecvall;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsnetrecvall;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from System V IPC objects
|
|
Chris PeBenito |
17de1b |
## at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_sysvipc_read_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsipcread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsipcread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for writing to System V IPC objects
|
|
Chris PeBenito |
17de1b |
## at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_sysvipc_write_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsipcwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsipcwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Allow the specified domain to do a MLS
|
|
Chris PeBenito |
17de1b |
## range transition that changes
|
|
Chris PeBenito |
17de1b |
## the current level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_rangetrans_source',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute privrangetrans;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 privrangetrans;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain a target domain
|
|
Chris PeBenito |
17de1b |
## for MLS range transitions that change
|
|
Chris PeBenito |
17de1b |
## the current level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_rangetrans_target',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsrangetrans;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsrangetrans;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from processes at higher levels.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_process_read_up',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsprocread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsprocread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for writing to processes at lower levels.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_process_write_down',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsprocwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsprocwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for setting the level of processes
|
|
Chris PeBenito |
17de1b |
## it executes.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_process_set_level',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsprocsetsl;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsprocsetsl;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from X objects at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_xwin_read_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsxwinread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsxwinread;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for writing to X objects at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_xwin_write_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsxwinwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsxwinwrite;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for reading from X colormaps at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_colormap_read_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsxwinreadcolormap;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsxwinreadcolormap;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified domain MLS trusted
|
|
Chris PeBenito |
17de1b |
## for writing to X colormaps at any level.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Domain allowed access.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_colormap_write_all_levels',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlsxwinwritecolormap;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlsxwinwritecolormap;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
########################################
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## Make specified object MLS trusted.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## <desc>
|
|
Chris PeBenito |
17de1b |
##
|
|
Chris PeBenito |
17de1b |
## Make specified object MLS trusted. This
|
|
Chris PeBenito |
17de1b |
## allows all levels to read and write the
|
|
Chris PeBenito |
17de1b |
## object.
|
|
Chris PeBenito |
17de1b |
##
|
|
Chris PeBenito |
17de1b |
##
|
|
Chris PeBenito |
17de1b |
## This currently only applies to filesystem
|
|
Chris PeBenito |
17de1b |
## objects, for example, files and directories.
|
|
Chris PeBenito |
17de1b |
##
|
|
Chris PeBenito |
17de1b |
## </desc>
|
|
Chris PeBenito |
17de1b |
## <param name="domain">
|
|
Chris PeBenito |
17de1b |
## <summary>
|
|
Chris PeBenito |
17de1b |
## The type of the object.
|
|
Chris PeBenito |
17de1b |
## </summary>
|
|
Chris PeBenito |
17de1b |
## </param>
|
|
Chris PeBenito |
17de1b |
#
|
|
Chris PeBenito |
17de1b |
interface(`mls_trusted_object',`
|
|
Chris PeBenito |
17de1b |
gen_require(`
|
|
Chris PeBenito |
17de1b |
attribute mlstrustedobject;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
17de1b |
|
|
Chris PeBenito |
17de1b |
typeattribute $1 mlstrustedobject;
|
|
Chris PeBenito |
17de1b |
')
|
|
Chris PeBenito |
cf7af1 |
|
|
Chris PeBenito |
cf7af1 |
########################################
|
|
Chris PeBenito |
cf7af1 |
## <summary>
|
|
Chris PeBenito |
cf7af1 |
## Make the specified domain trusted
|
|
Chris PeBenito |
cf7af1 |
## to inherit and use file descriptors
|
|
Chris PeBenito |
cf7af1 |
## from all levels.
|
|
Chris PeBenito |
cf7af1 |
## </summary>
|
|
Chris PeBenito |
cf7af1 |
## <param name="domain">
|
|
Chris PeBenito |
cf7af1 |
## <summary>
|
|
Chris PeBenito |
cf7af1 |
## Domain allowed access.
|
|
Chris PeBenito |
cf7af1 |
## </summary>
|
|
Chris PeBenito |
cf7af1 |
## </param>
|
|
Chris PeBenito |
cf7af1 |
#
|
|
Chris PeBenito |
cf7af1 |
interface(`mls_fd_use_all_levels',`
|
|
Chris PeBenito |
cf7af1 |
gen_require(`
|
|
Chris PeBenito |
cf7af1 |
attribute mlsfduse;
|
|
Chris PeBenito |
cf7af1 |
')
|
|
Chris PeBenito |
cf7af1 |
|
|
Chris PeBenito |
cf7af1 |
typeattribute $1 mlsfduse;
|
|
Chris PeBenito |
cf7af1 |
')
|
|
Chris PeBenito |
cf7af1 |
|
|
Chris PeBenito |
cf7af1 |
########################################
|
|
Chris PeBenito |
cf7af1 |
## <summary>
|
|
Chris PeBenito |
cf7af1 |
## Make the file descriptors from the
|
|
Chris PeBenito |
cf7af1 |
## specifed domain inheritable by
|
|
Chris PeBenito |
cf7af1 |
## all levels.
|
|
Chris PeBenito |
cf7af1 |
## </summary>
|
|
Chris PeBenito |
cf7af1 |
## <param name="domain">
|
|
Chris PeBenito |
cf7af1 |
## <summary>
|
|
Chris PeBenito |
cf7af1 |
## Domain allowed access.
|
|
Chris PeBenito |
cf7af1 |
## </summary>
|
|
Chris PeBenito |
cf7af1 |
## </param>
|
|
Chris PeBenito |
cf7af1 |
#
|
|
Chris PeBenito |
cf7af1 |
interface(`mls_fd_share_all_levels',`
|
|
Chris PeBenito |
cf7af1 |
gen_require(`
|
|
Chris PeBenito |
cf7af1 |
attribute mlsfdshare;
|
|
Chris PeBenito |
cf7af1 |
')
|
|
Chris PeBenito |
cf7af1 |
|
|
Chris PeBenito |
cf7af1 |
typeattribute $1 mlsfdshare;
|
|
Chris PeBenito |
cf7af1 |
')
|