Eamon Walsh [Thu, 29 Oct 2009 22:57:38 +0000 (18:57 -0400)]
Drop the xserver_unprotected interface.
The motivation for this was xdm_t objects not getting cleaned up,
so the user session tried to interact with them. But since the
default user type is unconfined this problem has gone away for now.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov> Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
Eamon Walsh [Wed, 28 Oct 2009 02:20:38 +0000 (22:20 -0400)]
X Object manager policy revisions to x_contexts.
X Object manager policy revisions to x_contexts.
Many of the specific event, extension, and property types have been
removed for the time being. Polyinstantiation allows selections and
properties to be separated in a different way, and new X server support
for labeling individual extension requests (as opposed to entire extensions)
should make the extension querying problem easier to solve in the future.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov> Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
Eamon Walsh [Wed, 28 Oct 2009 02:19:25 +0000 (22:19 -0400)]
X Object Manager policy revisions to xserver.if.
X Object Manager policy revisions to xserver.if.
This commit consists of two parts:
1. Revisions to xserver_object_types_template and
xserver_common_x_domain_template. This reflects the dropping
of many of the specific event, extension, and property types.
2. New interfaces:
xserver_manage_core_devices: Gives control over core mouse/keyboard.
xserver_unprotected: Allows all clients to access a domain's X objects.
Modified interfaces:
xserver_unconfined: Added x_domain typeattribute statement.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov> Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
Eamon Walsh [Wed, 28 Oct 2009 02:18:14 +0000 (22:18 -0400)]
X Object Manager policy revisions to xserver.te.
X Object Manager policy revisions to xserver.te.
This commit consists of three main parts:
1. Code movement. There were X object manager-related statements
scattered somewhat throughout the file; these have been consolidated,
which resulted in some other statements moving (e.g. iceauth_t).
2. Type changes. Many of the specific event, extension, and property
types have been dropped for the time being. The rootwindow_t and
remote_xclient_t types have been renamed, and a root_xcolormap_t
type has been (re-)added. This is for naming consistency.
An "xserver_unprotected" alias has been added for use in labeling
clients whose resources should be globally accessible (e.g. xdm_t).
3. Policy changes. These are mostly related to devices, which now have
separate x_keyboard and x_pointer classes. The "Hacks" section
has been cleaned up, and various other classes have had the default
permissions tweaked.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov> Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
Eamon Walsh [Tue, 13 Oct 2009 23:17:13 +0000 (19:17 -0400)]
Add separate x_pointer and x_keyboard classes inheriting from x_device.
This is needed to allow more fine-grained control over X devices without
using different types. Using different types is problematic because
devices act as subjects in the X Flask implementation, and subjects
cannot be labeled through a type transition (since the output role is
hardcoded to object_r).
Manoj Srivastava [Fri, 28 Aug 2009 19:58:15 +0000 (14:58 -0500)]
nscd cache location changed from /var/db/nscd to /var/cache/nscd
The nscd policy module uses the old nscd cache location. The cache location
changed with glibc 2.7-1, and the current nscd does place the files in
/var/cache/nscd/.
Paul Moore [Fri, 28 Aug 2009 21:13:12 +0000 (17:13 -0400)]
refpol: Policy for the new TUN driver access controls
Add policy for the new TUN driver access controls which allow policy to
control which domains have the ability to create and attach to TUN/TAP
devices. The policy rules for creating and attaching to a device are as
shown below:
# create a new device
allow domain_t self:tun_socket { create };
# attach to a persistent device (created by tunlbl_t)
allow domain_t tunlbl_t:tun_socket { relabelfrom };
allow domain_t self:tun_socket { relabelto };
Paul Moore [Fri, 28 Aug 2009 21:13:06 +0000 (17:13 -0400)]
refpol: Add the "tun_socket" object class flask definitions
Add the new "tun_socket" class to the flask definitions. The "tun_socket"
object class is used by the new TUN driver hooks which allow policy to control
access to TUN/TAP devices.
Chris PeBenito [Fri, 28 Aug 2009 17:29:36 +0000 (13:29 -0400)]
deprecate userdom_xwindows_client_template
The X policy for users is currently split between
userdom_xwindows_client_template() and xserver_role(). Deprecate
the former and put the rules into the latter.
For preserving restricted X roles (xguest), divide the rules
into xserver_restricted_role() and xserver_role().
Chris PeBenito [Mon, 17 Aug 2009 17:19:26 +0000 (13:19 -0400)]
Fix unconfined_r use of unconfined_java_t.
The unconfined role is running java in the unconfined_java_t. The current
policy only has a domtrans interface, so the unconfined_java_t domain is not
added to unconfined_r. Add a run interface and change the unconfined module
to use this new interface.
Chris PeBenito [Mon, 17 Aug 2009 13:49:53 +0000 (09:49 -0400)]
Fix Makefile info message for installing policy headers
The Makefile is currently using the policy TYPE (standard|mls|mcs) rather
than the more informative NAME (eg strict, targeted, etc). Fix the Makefile
to use NAME.
projects / people / stevee / selinux-policy.git / log
