;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>
;; SPDX-License-Identifier: Unlicense

;; Declarations of the named class-permission identifiers used by this policy.
;; Each name follows the pattern <action>_<object class> and is only declared
;; here; the class and permissions it stands for are bound by the
;; classpermissionset statement of the same name later in this file.
;; NOTE(review): a name declared here without a matching classpermissionset
;; would carry no permissions -- keep the two lists in step when adding entries.
(classpermission addname_dir)
(classpermission append_blk_file)
(classpermission append_chr_file)
(classpermission append_fifo_file)
(classpermission append_file)

(classpermission appendinherited_blk_file)
(classpermission appendinherited_chr_file)
(classpermission appendinherited_fifo_file)
(classpermission appendinherited_file)

(classpermission create_blk_file)
(classpermission create_chr_file)
(classpermission create_dir)
(classpermission create_fifo_file)
(classpermission create_file)
(classpermission create_lnk_file)
(classpermission create_sock_file)

(classpermission delete_blk_file)
(classpermission delete_chr_file)
(classpermission delete_dir)
(classpermission delete_fifo_file)
(classpermission delete_file)
(classpermission delete_lnk_file)
(classpermission delete_sock_file)

(classpermission deletename_dir)

(classpermission execute_file)

(classpermission list_dir)

(classpermission listinherited_dir)

(classpermission manage_blk_file)
(classpermission manage_chr_file)
(classpermission manage_dir)
(classpermission manage_fifo_file)
(classpermission manage_file)
(classpermission manage_lnk_file)
(classpermission manage_sock_file)

(classpermission mapexecute_chr_file)
(classpermission mapexecute_file)

(classpermission mounton_chr_file)
(classpermission mounton_dir)
(classpermission mounton_file)

(classpermission read_blk_file)
(classpermission read_chr_file)
(classpermission read_fifo_file)
(classpermission read_file)
(classpermission read_lnk_file)
(classpermission read_sock_file)

(classpermission readinherited_blk_file)
(classpermission readinherited_chr_file)
(classpermission readinherited_fifo_file)
(classpermission readinherited_file)
(classpermission readinherited_sock_file)

(classpermission readwrite_blk_file)
(classpermission readwrite_chr_file)
(classpermission readwrite_dir)
(classpermission readwrite_fifo_file)
(classpermission readwrite_file)
(classpermission readwrite_lnk_file)
(classpermission readwrite_sock_file)

(classpermission readwriteinherited_blk_file)
(classpermission readwriteinherited_chr_file)
(classpermission readwriteinherited_dir)
(classpermission readwriteinherited_fifo_file)
(classpermission readwriteinherited_file)
(classpermission readwriteinherited_sock_file)

(classpermission relabel_blk_file)
(classpermission relabel_chr_file)
(classpermission relabel_dir)
(classpermission relabel_fifo_file)
(classpermission relabel_file)
(classpermission relabel_lnk_file)
(classpermission relabel_sock_file)

(classpermission relabelfrom_blk_file)
(classpermission relabelfrom_chr_file)
(classpermission relabelfrom_dir)
(classpermission relabelfrom_fifo_file)
(classpermission relabelfrom_file)
(classpermission relabelfrom_lnk_file)
(classpermission relabelfrom_sock_file)

(classpermission relabelto_blk_file)
(classpermission relabelto_chr_file)
(classpermission relabelto_dir)
(classpermission relabelto_fifo_file)
(classpermission relabelto_file)
(classpermission relabelto_lnk_file)
(classpermission relabelto_sock_file)

(classpermission rename_blk_file)
(classpermission rename_chr_file)
(classpermission rename_dir)
(classpermission rename_fifo_file)
(classpermission rename_file)
(classpermission rename_lnk_file)
(classpermission rename_sock_file)

(classpermission search_dir)

(classpermission write_blk_file)
(classpermission write_chr_file)
(classpermission write_dir)
(classpermission write_fifo_file)
(classpermission write_file)
(classpermission write_lnk_file)
(classpermission write_sock_file)

(classpermission writeinherited_blk_file)
(classpermission writeinherited_chr_file)
(classpermission writeinherited_dir)
(classpermission writeinherited_fifo_file)
(classpermission writeinherited_file)
(classpermission writeinherited_sock_file)

;; addname_dir: add entries to a directory. Carries add_name and write plus the
;; lookup/read permissions; remove_name is absent, so a domain holding only this
;; set can add names but not remove them.
(classpermissionset addname_dir
    (dir (add_name getattr ioctl lock open read search write)))

;; append_*: append-only access. The set has append but neither write nor read,
;; which fits objects whose earlier content must not be overwritten by the
;; writer (log-style files, presumably -- confirm against the rules using it).
(classpermissionset append_blk_file (blk_file (append getattr ioctl lock open)))
(classpermissionset append_chr_file (chr_file (append getattr ioctl lock open)))
(classpermissionset append_fifo_file
    (fifo_file (append getattr ioctl lock open)))
(classpermissionset append_file (file (append getattr ioctl lock open)))

;; appendinherited_*: the append_* sets without `open`. A domain granted these
;; can append through a descriptor that was already opened and handed to it,
;; but cannot open the object itself.
(classpermissionset appendinherited_blk_file
    (blk_file (append getattr ioctl lock)))
(classpermissionset appendinherited_chr_file
    (chr_file (append getattr ioctl lock)))
(classpermissionset appendinherited_fifo_file
    (fifo_file (append getattr ioctl lock)))
(classpermissionset appendinherited_file (file (append getattr ioctl lock)))

;; create_*: create an object of the given class (create + getattr only).
;; No open/read/write is included, and the directory-side permission for adding
;; the new name is not part of these sets.
;; NOTE(review): presumably paired with addname_dir on the parent directory by
;; the rules that use these -- confirm at the call sites.
(classpermissionset create_blk_file (blk_file (create getattr)))
(classpermissionset create_chr_file (chr_file (create getattr)))
(classpermissionset create_dir (dir (create getattr)))
(classpermissionset create_fifo_file (fifo_file (create getattr)))
(classpermissionset create_file (file (create getattr)))
(classpermissionset create_lnk_file (lnk_file (create getattr)))
(classpermissionset create_sock_file (sock_file (create getattr)))

;; delete_*: remove an object (getattr + unlink). The dir variant uses rmdir
;; instead of unlink.
(classpermissionset delete_blk_file (blk_file (getattr unlink)))
(classpermissionset delete_chr_file (chr_file (getattr unlink)))
(classpermissionset delete_dir (dir (getattr rmdir)))
(classpermissionset delete_fifo_file (fifo_file (getattr unlink)))
(classpermissionset delete_file (file (getattr unlink)))
(classpermissionset delete_lnk_file (lnk_file (getattr unlink)))
(classpermissionset delete_sock_file (sock_file (getattr unlink)))

;; deletename_dir: remove entries from a directory. Mirror image of addname_dir:
;; remove_name and write are granted, add_name is not.
(classpermissionset deletename_dir
    (dir (getattr ioctl lock open read remove_name search
	    write)))

;; execute_file: read, map and execute a regular file. execute_no_trans is
;; included, which allows the file to be executed in the caller's own domain
;; without a domain transition.
;; NOTE(review): where the intent is that the program runs in a different
;; domain, granting this set also permits running it untransitioned -- check
;; that this is wanted for each type it is applied to.
(classpermissionset execute_file
    (file (execute execute_no_trans getattr ioctl map open
	    read)))

;; list_dir: open a directory, read its entries and search through it.
;; No write, add_name or remove_name.
(classpermissionset list_dir (dir (getattr ioctl lock open read search)))

;; listinherited_dir: list_dir without `open`; usable only on a directory
;; descriptor that was already opened elsewhere.
(classpermissionset listinherited_dir (dir (getattr ioctl lock read search)))

;; manage_*: the broadest sets in this file. They combine create, read, write,
;; append, setattr, link, rename and unlink, i.e. full lifecycle control over
;; objects of the class.
;; Not included in any manage_* set: relabelfrom/relabelto, execute, map and
;; mounton; those must be granted through their own sets.
;; NOTE(review): on blk_file and chr_file this amounts to creating device nodes
;; and reading/writing the underlying device, so rules using those two variants
;; deserve closer scrutiny than the regular-file variant.
(classpermissionset manage_blk_file
    (blk_file (append create getattr ioctl link lock open read
	    rename setattr unlink write)))
(classpermissionset manage_chr_file
    (chr_file (append create getattr ioctl link lock open read
	    rename setattr unlink write)))
;; The dir variant adds add_name, remove_name, reparent, rmdir and search, and
;; has no append or unlink.
(classpermissionset manage_dir
    (dir (add_name create getattr ioctl link lock open read
	    setattr remove_name rename reparent rmdir
	    search write)))
(classpermissionset manage_fifo_file
    (fifo_file (append create getattr ioctl link lock open read
	    rename setattr unlink write)))
(classpermissionset manage_file
    (file (append create getattr ioctl link lock open read
	    rename setattr unlink write)))
;; The lnk_file variant omits ioctl and open.
(classpermissionset manage_lnk_file
    (lnk_file (append create getattr link lock read rename
	    setattr unlink write)))
(classpermissionset manage_sock_file
    (sock_file (append create getattr ioctl link lock open read
	    rename setattr unlink write)))

;; mapexecute_*: execute + map only. There is no getattr, open or read here, so
;; these sets are additive: they make an object mappable as executable for a
;; domain that obtains access to it through some other set.
(classpermissionset mapexecute_chr_file (chr_file (execute map)))
(classpermissionset mapexecute_file (file (execute map)))

;; mounton_*: use the object as a mount point (getattr + mounton).
;; NOTE(review): mounting over a path changes what every later lookup of that
;; path resolves to; keep the set of domains holding these small.
(classpermissionset mounton_chr_file (chr_file (getattr mounton)))
(classpermissionset mounton_dir (dir (getattr mounton)))
(classpermissionset mounton_file (file (getattr mounton)))

;; read_*: open and read an object; no write, append or execute.
;; The ioctl permission granted here (and in most sets in this file) is the
;; coarse, whole-class permission; this file defines no extended-permission
;; (per-ioctl-command) restrictions.
(classpermissionset read_blk_file (blk_file (getattr ioctl lock open read)))
(classpermissionset read_chr_file (chr_file (getattr ioctl lock open read)))
(classpermissionset read_fifo_file (fifo_file (getattr ioctl lock open read)))
(classpermissionset read_file (file (getattr ioctl lock open read)))
;; The lnk_file variant omits ioctl and open.
(classpermissionset read_lnk_file (lnk_file (getattr lock read)))
(classpermissionset read_sock_file (sock_file (getattr ioctl lock open read)))

;; readinherited_*: the read_* sets without `open`. They allow reading through
;; a descriptor that was opened elsewhere and passed in, but not opening the
;; object directly. There is no lnk_file variant.
(classpermissionset readinherited_blk_file (blk_file (getattr ioctl lock read)))
(classpermissionset readinherited_chr_file (chr_file (getattr ioctl lock read)))
(classpermissionset readinherited_fifo_file
    (fifo_file (getattr ioctl lock read)))
(classpermissionset readinherited_file (file (getattr ioctl lock read)))
(classpermissionset readinherited_sock_file
    (sock_file (getattr ioctl lock read)))

;; readwrite_*: open, read, write and append to an existing object.
;; No create, unlink, rename or setattr, so the object's existence, name and
;; attributes cannot be changed with these sets alone.
(classpermissionset readwrite_blk_file
    (blk_file (append getattr ioctl lock open read write)))
(classpermissionset readwrite_chr_file
    (chr_file (append getattr ioctl lock open read write)))
;; The dir variant replaces append with add_name, remove_name and search.
(classpermissionset readwrite_dir
    (dir (add_name getattr ioctl lock open read remove_name
	    search write)))
(classpermissionset readwrite_fifo_file
    (fifo_file (append getattr ioctl lock open read write)))
(classpermissionset readwrite_file
    (file (append getattr ioctl lock open read write)))
;; The lnk_file variant omits ioctl and open.
(classpermissionset readwrite_lnk_file
    (lnk_file (append getattr lock read write)))
(classpermissionset readwrite_sock_file
    (sock_file (append getattr ioctl lock open read write)))

;; readwriteinherited_*: the readwrite_* sets without `open`; access is limited
;; to descriptors that were already opened and handed to the domain.
;; There is no lnk_file variant.
(classpermissionset readwriteinherited_blk_file
    (blk_file (append getattr ioctl lock read write)))
(classpermissionset readwriteinherited_chr_file
    (chr_file (append getattr ioctl lock read write)))
(classpermissionset readwriteinherited_dir
    (dir (add_name getattr ioctl lock read remove_name search
	    write)))
(classpermissionset readwriteinherited_fifo_file
    (fifo_file (append getattr ioctl lock read write)))
(classpermissionset readwriteinherited_file
    (file (append getattr ioctl lock read write)))
(classpermissionset readwriteinherited_sock_file
    (sock_file (append getattr ioctl lock read write)))

;; relabel_*: change an object's security label in both directions
;; (relabelfrom the current type and relabelto the new type).
;; NOTE(review): the label decides which rules apply to an object, so the
;; ability to relabel is effectively the ability to move an object between
;; protection domains. Rules using these sets should name narrow source and
;; target types; prefer the one-directional sets below where only one side is
;; needed.
(classpermissionset relabel_blk_file (blk_file (getattr relabelfrom relabelto)))
(classpermissionset relabel_chr_file (chr_file (getattr relabelfrom relabelto)))
(classpermissionset relabel_dir (dir (getattr relabelfrom relabelto)))
(classpermissionset relabel_fifo_file
    (fifo_file (getattr relabelfrom relabelto)))
(classpermissionset relabel_file (file (getattr relabelfrom relabelto)))
(classpermissionset relabel_lnk_file (lnk_file (getattr relabelfrom relabelto)))
(classpermissionset relabel_sock_file
    (sock_file (getattr relabelfrom relabelto)))

;; relabelfrom_*: only the "from" half -- objects currently carrying the type
;; may be relabeled away from it.
(classpermissionset relabelfrom_blk_file (blk_file (getattr relabelfrom)))
(classpermissionset relabelfrom_chr_file (chr_file (getattr relabelfrom)))
(classpermissionset relabelfrom_dir (dir (getattr relabelfrom)))
(classpermissionset relabelfrom_fifo_file (fifo_file (getattr relabelfrom)))
(classpermissionset relabelfrom_file (file (getattr relabelfrom)))
(classpermissionset relabelfrom_lnk_file (lnk_file (getattr relabelfrom)))
(classpermissionset relabelfrom_sock_file (sock_file (getattr relabelfrom)))

;; relabelto_*: only the "to" half -- objects may be given the type.
(classpermissionset relabelto_blk_file (blk_file (getattr relabelto)))
(classpermissionset relabelto_chr_file (chr_file (getattr relabelto)))
(classpermissionset relabelto_dir (dir (getattr relabelto)))
(classpermissionset relabelto_fifo_file (fifo_file (getattr relabelto)))
(classpermissionset relabelto_file (file (getattr relabelto)))
(classpermissionset relabelto_lnk_file (lnk_file (getattr relabelto)))
(classpermissionset relabelto_sock_file (sock_file (getattr relabelto)))

;; rename_*: rename an object (getattr + rename). Directory-side permissions
;; for removing the old name and adding the new one are not part of these sets.
;; NOTE(review): presumably combined with deletename_dir / addname_dir on the
;; directories involved -- confirm at the call sites.
(classpermissionset rename_blk_file (blk_file (getattr rename)))
(classpermissionset rename_chr_file (chr_file (getattr rename)))
(classpermissionset rename_dir (dir (getattr rename)))
(classpermissionset rename_fifo_file (fifo_file (getattr rename)))
(classpermissionset rename_file (file (getattr rename)))
(classpermissionset rename_lnk_file (lnk_file (getattr rename)))
(classpermissionset rename_sock_file (sock_file (getattr rename)))

;; search_dir: traverse a directory (getattr + search). Without read or open
;; the directory's entries cannot be listed; compare list_dir.
(classpermissionset search_dir (dir (getattr search)))

;; write_*: open and write/append to an existing object, with no read.
;; NOTE(review): the blk_file and chr_file variants write to the device behind
;; the node rather than to a labeled file on a filesystem; treat rules granting
;; them as high-impact.
(classpermissionset write_blk_file
    (blk_file (append getattr ioctl lock open write)))
(classpermissionset write_chr_file
    (chr_file (append getattr ioctl lock open write)))
;; The dir variant grants add_name, remove_name and search instead of append;
;; read is absent, so entries can be changed but not listed.
(classpermissionset write_dir
    (dir (add_name getattr ioctl lock open remove_name search
	    write)))
(classpermissionset write_fifo_file
    (fifo_file (append getattr ioctl lock open write)))
(classpermissionset write_file
    (file (append getattr ioctl lock open write)))
;; The lnk_file variant omits ioctl and open.
(classpermissionset write_lnk_file (lnk_file (append getattr lock write)))
(classpermissionset write_sock_file
    (sock_file (append getattr ioctl lock open write)))

;; writeinherited_*: the write_* sets without `open`; writing is possible only
;; through a descriptor opened elsewhere and passed to the domain.
;; There is no lnk_file variant.
(classpermissionset writeinherited_blk_file
    (blk_file (append getattr ioctl lock write)))
(classpermissionset writeinherited_chr_file
    (chr_file (append getattr ioctl lock write)))
(classpermissionset writeinherited_dir
    (dir (add_name getattr ioctl lock remove_name search
	    write)))
(classpermissionset writeinherited_fifo_file
    (fifo_file (append getattr ioctl lock write)))
(classpermissionset writeinherited_file
    (file (append getattr ioctl lock write)))
(classpermissionset writeinherited_sock_file
    (sock_file (append getattr ioctl lock write)))