diff options
| -rw-r--r-- | policy/flask/access_vectors | 55 | ||||
| -rw-r--r-- | policy/flask/security_classes | 4 |
2 files changed, 38 insertions, 21 deletions
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors index 3998b774..6620e4cc 100644 --- a/policy/flask/access_vectors +++ b/policy/flask/access_vectors @@ -94,6 +94,33 @@ common database } # +# Define a common prefix for pointer and keyboard access vectors. +# + +common x_device +{ + getattr + setattr + use + read + write + getfocus + setfocus + bell + force_cursor + freeze + grab + manage + list_property + get_property + set_property + add + remove + create + destroy +} + +# # Define the access vectors. # # class class_name [ inherits common_name ] { permission_name ... } @@ -525,27 +552,7 @@ class x_client } class x_device -{ - getattr - setattr - use - read - write - getfocus - setfocus - bell - force_cursor - freeze - grab - manage - list_property - get_property - set_property - add - remove - create - destroy -} +inherits x_device class x_server { @@ -802,3 +809,9 @@ class kernel_service class tun_socket inherits socket + +class x_pointer +inherits x_device + +class x_keyboard +inherits x_device diff --git a/policy/flask/security_classes b/policy/flask/security_classes index 2bd1bf6d..fa65db2c 100644 --- a/policy/flask/security_classes +++ b/policy/flask/security_classes @@ -121,4 +121,8 @@ class kernel_service class tun_socket +# Still More SE-X Windows stuff +class x_pointer # userspace +class x_keyboard # userspace + # FLASK |