diff options
| author | Paul Moore <paul.moore@hp.com> | 2009-08-28 17:13:06 -0400 |
|---|---|---|
| committer | Chris PeBenito <cpebenito@tresys.com> | 2009-08-31 08:36:00 -0400 |
| commit | 333494fd5929df71bb8c6cddf5b4e34180fcd6b9 (patch) | |
| tree | c219ac69913a36ab5cf5a3c6ce96d068006609cb | |
| parent | 4279891d1ffa74b393a306dcae415e6e5f93a94a (diff) | |
refpol: Add the "tun_socket" object class flask definitions
Add the new "tun_socket" class to the flask definitions. The "tun_socket"
object class is used by the new TUN driver hooks which allow policy to control
access to TUN/TAP devices.
Signed-off-by: Paul Moore <paul.moore@hp.com>
| -rw-r--r-- | policy/flask/access_vectors | 2 | ||||
| -rw-r--r-- | policy/flask/security_classes | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors index ef4c063f..6292db55 100644 --- a/policy/flask/access_vectors +++ b/policy/flask/access_vectors @@ -251,6 +251,8 @@ inherits socket class unix_dgram_socket inherits socket +class tun_socket +inherits socket # # Define the access vector interpretation for process-related objects diff --git a/policy/flask/security_classes b/policy/flask/security_classes index 9e1bf1a3..2bd1bf6d 100644 --- a/policy/flask/security_classes +++ b/policy/flask/security_classes @@ -119,4 +119,6 @@ class x_application_data # userspace # kernel services that need to override task security, e.g. cachefiles class kernel_service +class tun_socket + # FLASK |