|
Karl MacMillan |
660bf7 |
<html>
|
|
Karl MacMillan |
660bf7 |
<head>
|
|
Karl MacMillan |
660bf7 |
<title>
|
|
Karl MacMillan |
660bf7 |
Security Enhanced Linux Reference Policy
|
|
Karl MacMillan |
660bf7 |
</title>
|
|
Karl MacMillan |
660bf7 |
<style type="text/css" media="all">@import "style.css";</style>
|
|
Karl MacMillan |
660bf7 |
</head>
|
|
Karl MacMillan |
660bf7 |
<body>
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
+
|
|
Karl MacMillan |
660bf7 |
admin
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
acct
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
consoletype
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
dmesg
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
firstboot
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
logrotate
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
netutils
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
quota
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
rpm
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
su
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
sudo
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
tmpreaper
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
updfstab
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
usermanage
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
+
|
|
Chris PeBenito |
e3a8e3 |
apps
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
gpg
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
loadkeys
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
+
|
|
Karl MacMillan |
660bf7 |
kernel
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
bootloader
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
corenetwork
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
devices
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
filesystem
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
kernel
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
selinux
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
storage
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
terminal
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
+
|
|
Karl MacMillan |
660bf7 |
services
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
bind
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
cron
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
gpm
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
howl
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
inetd
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
kerberos
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
ldap
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
mta
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
mysql
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
nis
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
8b1125 |
-
|
|
Chris PeBenito |
8b1125 |
nscd
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
privoxy
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
remotelogin
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
rshd
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
rsync
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
sendmail
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
ssh
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
-
|
|
Chris PeBenito |
c2ecf0 |
tcpd
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
+
|
|
Karl MacMillan |
660bf7 |
system
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
authlogin
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
clock
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
corecommands
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
domain
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
files
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
-
|
|
Chris PeBenito |
e3a8e3 |
fstools
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
getty
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
hostname
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
hotplug
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
init
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
-
|
|
Chris PeBenito |
8b1125 |
ipsec
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
iptables
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
libraries
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
locallogin
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
logging
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
lvm
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
miscfiles
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
modutils
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
mount
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
-
|
|
Chris PeBenito |
8b1125 |
pcmcia
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
-
|
|
Chris PeBenito |
8b1125 |
raid
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
selinuxutil
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
sysnetwork
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
udev
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
767266 |
-
|
|
Chris PeBenito |
767266 |
unconfined
|
|
Chris PeBenito |
767266 |
|
|
Karl MacMillan |
660bf7 |
-
|
|
Karl MacMillan |
660bf7 |
userdomain
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
* Global Booleans
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
8b1125 |
* Global Tunables
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
* Layer Index
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
* Interface Index
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
* Template Index
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Layer: admin
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
Policy modules for administrative functions, such as package management.
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Module:Description:
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
acct
|
|
Chris PeBenito |
c2ecf0 |
Berkeley process accounting
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
consoletype
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
Determine of the console connected to the controlling terminal.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
dmesg
|
|
Karl MacMillan |
660bf7 |
Policy for dmesg.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
firstboot
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
Final system configuration run during the first boot
|
|
Chris PeBenito |
c2ecf0 |
after installation of Red Hat/Fedora systems.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
logrotate
|
|
Chris PeBenito |
e3a8e3 |
Rotate and archive system logs
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
netutils
|
|
Chris PeBenito |
e3a8e3 |
Network analysis utilities
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
quota
|
|
Chris PeBenito |
c2ecf0 |
File system quota management
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
rpm
|
|
Karl MacMillan |
660bf7 |
Policy for the RPM package manager.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
su
|
|
Chris PeBenito |
c2ecf0 |
Run shells with substitute user and group
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
sudo
|
|
Chris PeBenito |
c2ecf0 |
Execute a command with a substitute user
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
tmpreaper
|
|
Chris PeBenito |
c2ecf0 |
Manage temporary directory sizes and file ages
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
updfstab
|
|
Chris PeBenito |
c2ecf0 |
Red Hat utility to change /etc/fstab.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
usermanage
|
|
Karl MacMillan |
660bf7 |
Policy for managing user accounts.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Layer: kernel
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Module:Description:
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
bootloader
|
|
Karl MacMillan |
660bf7 |
Policy for the kernel modules, kernel image, and bootloader.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
corenetwork
|
|
Karl MacMillan |
660bf7 |
Policy controlling access to network objects
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
devices
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Device nodes and interfaces for many basic system devices.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
filesystem
|
|
Karl MacMillan |
660bf7 |
Policy for filesystems.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
kernel
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
767266 |
Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
selinux
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Policy for kernel security interface, in particular, selinuxfs.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
storage
|
|
Karl MacMillan |
660bf7 |
Policy controlling access to storage devices
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
terminal
|
|
Karl MacMillan |
660bf7 |
Policy for terminals.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
Layer: apps
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
Policy modules for applications
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Module:Description:
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
gpg
|
|
Chris PeBenito |
e3a8e3 |
Policy for GNU Privacy Guard and related programs.
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
loadkeys
|
|
Chris PeBenito |
c2ecf0 |
Load keyboard mappings.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Layer: system
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
Policy modules for system functions from init to multi-user login.
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Module:Description:
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
authlogin
|
|
Karl MacMillan |
660bf7 |
Common policy for authentication and user login.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
clock
|
|
Karl MacMillan |
660bf7 |
Policy for reading and setting the hardware clock.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
corecommands
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Core policy for shells, and generic programs
|
|
Karl MacMillan |
660bf7 |
in /bin, /sbin, /usr/bin, and /usr/sbin.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
domain
|
|
Karl MacMillan |
660bf7 |
Core policy for domains.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
files
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Basic filesystem types and interfaces.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
fstools
|
|
Chris PeBenito |
e3a8e3 |
Tools for filesystem management, such as mkfs and fsck.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
getty
|
|
Karl MacMillan |
660bf7 |
Policy for getty.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
hostname
|
|
Karl MacMillan |
660bf7 |
Policy for changing the system host name.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
hotplug
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
Policy for hotplug system, for supporting the
|
|
Karl MacMillan |
660bf7 |
connection and disconnection of devices at runtime.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
init
|
|
Karl MacMillan |
660bf7 |
System initialization programs (init and init scripts).
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
ipsec
|
|
Chris PeBenito |
8b1125 |
TCP/IP encryption
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
iptables
|
|
Karl MacMillan |
660bf7 |
Policy for iptables.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
libraries
|
|
Karl MacMillan |
660bf7 |
Policy for system libraries.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
locallogin
|
|
Karl MacMillan |
660bf7 |
Policy for local logins.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
logging
|
|
Karl MacMillan |
660bf7 |
Policy for the kernel message logger and system logging daemon.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
lvm
|
|
Karl MacMillan |
660bf7 |
Policy for logical volume management programs.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
miscfiles
|
|
Karl MacMillan |
660bf7 |
Miscelaneous files.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
modutils
|
|
Karl MacMillan |
660bf7 |
Policy for kernel module utilities
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
mount
|
|
Karl MacMillan |
660bf7 |
Policy for mount.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
pcmcia
|
|
Chris PeBenito |
8b1125 |
PCMCIA card management services
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
raid
|
|
Chris PeBenito |
8b1125 |
RAID array management tools
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
selinuxutil
|
|
Karl MacMillan |
660bf7 |
Policy for SELinux policy and userland applications.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
sysnetwork
|
|
Karl MacMillan |
660bf7 |
Policy for network configuration: ifconfig and dhcp client.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
udev
|
|
Karl MacMillan |
660bf7 |
Policy for udev.
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
767266 |
|
|
Chris PeBenito |
767266 |
unconfined
|
|
Chris PeBenito |
767266 |
The unconfined domain.
|
|
Chris PeBenito |
767266 |
|
|
Chris PeBenito |
767266 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
userdomain
|
|
Karl MacMillan |
660bf7 |
Policy for user domains
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
|
|
Chris PeBenito |
e3a8e3 |
Layer: services
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
Policy modules for system services, like cron, and network services,
|
|
Chris PeBenito |
8b1125 |
like sshd.
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
Module:Description:
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
bind
|
|
Chris PeBenito |
c2ecf0 |
Berkeley internet name domain DNS server.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
cron
|
|
Chris PeBenito |
e3a8e3 |
Periodic execution of scheduled commands.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
gpm
|
|
Chris PeBenito |
c2ecf0 |
General Purpose Mouse driver
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
howl
|
|
Chris PeBenito |
c2ecf0 |
Port of Apple Rendezvous multicast DNS
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
inetd
|
|
Chris PeBenito |
e3a8e3 |
Internet services daemon.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
kerberos
|
|
Chris PeBenito |
e3a8e3 |
MIT Kerberos admin and KDC
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
ldap
|
|
Chris PeBenito |
c2ecf0 |
OpenLDAP directory server
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
mta
|
|
Chris PeBenito |
e3a8e3 |
Policy common to all email tranfer agents.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
mysql
|
|
Chris PeBenito |
c2ecf0 |
Policy for MySQL
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
nis
|
|
Chris PeBenito |
e3a8e3 |
Policy for NIS (YP) servers and clients
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
nscd
|
|
Chris PeBenito |
8b1125 |
Name service cache daemon
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
8b1125 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
privoxy
|
|
Chris PeBenito |
c2ecf0 |
Privacy enhancing web proxy.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
remotelogin
|
|
Chris PeBenito |
e3a8e3 |
Policy for rshd, rlogind, and telnetd.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
rshd
|
|
Chris PeBenito |
c2ecf0 |
Remote shell service.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
rsync
|
|
Chris PeBenito |
c2ecf0 |
Fast incremental file transfer for synchronization
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
sendmail
|
|
Chris PeBenito |
e3a8e3 |
Policy for sendmail.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
ssh
|
|
Chris PeBenito |
e3a8e3 |
Secure shell client and server policy.
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
c2ecf0 |
tcpd
|
|
Chris PeBenito |
c2ecf0 |
Policy for TCP daemon.
|
|
Chris PeBenito |
c2ecf0 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Chris PeBenito |
e3a8e3 |
|
|
Karl MacMillan |
660bf7 |
|
|
Karl MacMillan |
660bf7 |
</body>
|
|
Karl MacMillan |
660bf7 |
</html>
|