#DESC Crack - Password cracking application

#

# Author:  Russell Coker <russell@coker.com.au>

# X-Debian-Packages: crack

#

#################################

#

# Rules for the crack_t domain.

#

# crack_exec_t is the type of the crack executable.

#

system_domain(crack)

ifdef(`crond.te', `

system_crond_entry(crack_exec_t, crack_t)

')

# for SSP

allow crack_t urandom_device_t:chr_file read;

type crack_db_t, file_type, sysadmfile, usercanread;

allow crack_t var_t:dir search;

rw_dir_create_file(crack_t, crack_db_t)

allow crack_t device_t:dir search;

allow crack_t devtty_t:chr_file rw_file_perms;

allow crack_t self:fifo_file { read write getattr };

tmp_domain(crack)

# for dictionaries

allow crack_t usr_t:file { getattr read };

can_exec(crack_t, bin_t)

allow crack_t { bin_t sbin_t }:dir search;

allow crack_t self:process { fork signal_perms };

allow crack_t proc_t:dir { read search };

allow crack_t proc_t:file { read getattr };

# read config files

allow crack_t { etc_t etc_runtime_t }:file { getattr read };

allow crack_t etc_t:dir r_dir_perms;

allow crack_t fs_t:filesystem getattr;

dontaudit crack_t sysadm_home_dir_t:dir { getattr search };