class process # Minimal policy used to exercise the -self negation in neverallow target sets; only the classes and permissions the tests reference are declared
class blk_file
class chr_file
class dir
class fifo_file
class file
class lnk_file
class sock_file
class class5 # class5, class6 and class7 are each referenced by exactly one test, which keeps the neverallow rules with a * source in those tests from matching types of other tests
class class6
class class7
class class17 # Referenced only by Test 17; the other extended permission tests use file ioctl
sid kernel # Initial SIDs; their contexts are assigned at the end of the file
sid security
sid unlabeled
sid file
sid port
sid netif
sid netmsg
sid node
sid devnull
class process { dyntransition transition }
class file { ioctl read write }
class class5 { perm }
class class6 { perm }
class class7 { perm }
class class17 { ioctl }
ifdef(`enable_mls',`
sensitivity s0; # MLS part, only present when enable_mls is defined: one sensitivity and 24 categories, matching the user range s0 - s0:c0.c23 declared at the end of the file
dominance { s0 }
category c0; category c1; category c2; category c3;
category c4; category c5; category c6; category c7;
category c8; category c9; category c10; category c11;
category c12; category c13; category c14; category c15;
category c16; category c17; category c18; category c19;
category c20; category c21; category c22; category c23;
level s0:c0.c23;
mlsconstrain file { write } ( h1 dom h2 ); # Only file write is constrained; the allow rules below grant read and ioctl only
')
########################################
# NOTE(review): comments are kept on existing lines so the line count stays stable; the harness that consumes this policy may match its expected diagnostics by line number - confirm before inserting lines
# Test start - each test grants some access with allow rules and then states a neverallow whose target set excludes self; the nofail marker flags rules for which no violation is expected
#
########################################
## Test 1 (single type): the allow is test1_t to itself, and -self removes test1_t from the target set, so the set is empty and no violation is expected
type test1_t;
allow test1_t test1_t : file read;
neverallow test1_t { test1_t -self } : file read; # nofail
## Test 2 (single type): like Test 1 but the allow uses the self keyword; the neverallow target set names test1_t rather than test2_t - possibly a leftover from Test 1 - but test2_t is only allowed to reach itself, so no violation is expected in either reading
type test2_t;
allow test2_t self : file read;
neverallow test2_t { test1_t -self } : file read; # nofail
## Test 3 (single type): the source is a single type but the target is a different type, so -self removes nothing and the allow test3_1_t -> test3_2_t violates the rule
type test3_1_t;
type test3_2_t;
allow test3_1_t test3_2_t : file read;
neverallow test3_1_t { test3_2_t -self } : file read;
## Test 4 (two types I): all four pairs are allowed; with source test4_1_t the target set { test4_1_t test4_2_t -self } reduces to test4_2_t, and test4_1_t -> test4_2_t is allowed, so a violation is expected
type test4_1_t;
type test4_2_t;
allow { test4_1_t test4_2_t } { test4_1_t test4_2_t } : file read;
neverallow test4_1_t { test4_1_t test4_2_t -self } : file read;
## Test 5 (two types II): the source is *, so -self is applied per source type; for source test5_1_t the target set is test5_2_t and that pair is allowed, so a violation is expected (class5 is used by no other test, so the * source cannot match anything else)
type test5_1_t;
type test5_2_t;
allow { test5_1_t test5_2_t } { test5_1_t test5_2_t } : class5 perm;
neverallow * { test5_1_t test5_2_t -self } : class5 perm;
## Test 6 (two types III): target set is a single type minus self; for source test6_1_t it is test6_2_t, which is allowed, so a violation is expected; for source test6_2_t the set is empty
type test6_1_t;
type test6_2_t;
allow { test6_1_t test6_2_t } { test6_1_t test6_2_t } : class6 perm;
neverallow * { test6_2_t -self } : class6 perm;
## Test 7 (two types IV): only test7_2_t is ever a target of an allow, while the neverallow target set contains only test7_1_t, so no source reaches a remaining target and no violation is expected
type test7_1_t;
type test7_2_t;
allow { test7_1_t test7_2_t } test7_2_t : class7 perm;
neverallow * { test7_1_t -self } : class7 perm; # nofail
## Test 8 (attribute violates type I): the attribute-to-attribute allow grants all four pairs; for source test8_1_t the set { test8_a -self } is test8_2_t, and the rule covers every file permission, so a violation is expected
attribute test8_a;
type test8_1_t, test8_a;
type test8_2_t, test8_a;
allow test8_a test8_a : file read;
neverallow test8_1_t { test8_a -self } : file *;
## Test 9 (attribute violates type II): test9_1_t is allowed read on both members of test9_a; -self leaves test9_2_t in the target set, so a violation is expected
attribute test9_a;
type test9_1_t, test9_a;
type test9_2_t, test9_a;
allow test9_1_t test9_a : file read;
neverallow test9_1_t { test9_a -self } : file *;
## Test 10 (attribute violates type III): the neverallow source is a type and its target set is the second attribute minus self
attribute test10_1_a;
attribute test10_2_a;
type test10_1_t, test10_1_a, test10_1_a; # NOTE(review): test10_1_a is listed twice here and on the next line, and test10_2_a is never assigned to any type, so the neverallow target set below is empty as written; confirm whether the second attribute was meant to be test10_2_a and what result is expected
type test10_2_t, test10_1_a, test10_1_a;
allow test10_1_a test10_1_a : file read;
neverallow test10_1_t { test10_2_a -self } : file *;
## Test 11 (attribute violates attribute I): both types carry both attributes, but each type is only allowed access to itself; -self removes exactly those pairs from the target set, so no violation is expected
attribute test11_1_a;
attribute test11_2_a;
type test11_1_t, test11_1_a, test11_2_a;
type test11_2_t, test11_1_a, test11_2_a;
allow test11_1_t self : file read;
allow test11_2_t test11_2_t : file read;
neverallow test11_1_a { test11_2_a -self } : file *; # nofail
## Test 12 (attribute violates attribute II): source and target are the same attribute; for source test12_1_t the target set is test12_2_t, and that pair is allowed, so a violation is expected
attribute test12_a;
type test12_1_t, test12_a;
type test12_2_t, test12_a;
allow test12_1_t test12_2_t : file read;
neverallow test12_a { test12_a -self } : file *;
## Test 13 (attribute violates attribute III): test13_1_t is allowed read on all of test13_a; with source test13_1_t the target set keeps test13_2_t, so a violation is expected
attribute test13_a;
type test13_1_t, test13_a;
type test13_2_t, test13_a;
allow test13_1_t test13_a : file read;
neverallow test13_a { test13_a -self } : file *;
## Test 14 (attribute violates attribute IV): the attribute-to-attribute allow grants all four pairs; -self only removes the two identical pairs, so a violation is expected
attribute test14_a;
type test14_1_t, test14_a;
type test14_2_t, test14_a;
allow test14_a test14_a : file read;
neverallow test14_a { test14_a -self } : file *;
# ## Test 15 (attribute violates attribute V): NOTE(review): the header is commented out and the identifiers reuse the test13 prefix; the source attribute test13_a is the one declared in Test 13, and neither of its members is allowed access to test13_t, so no violation arises as written - confirm whether this test is meant to be active and what result is expected
attribute test13_1_a;
attribute test13_2_a;
type test13_t, test13_1_a, test13_2_a;
allow test13_1_a test13_2_a : file read;
neverallow test13_a { test13_2_a -self } : file *;
## Test 16 (types violate attribute): the allow is written on the types and the neverallow on the attribute, with the permission set ~write (every file permission except write); read is granted between the two distinct types, so a violation is expected
attribute test16_a;
type test16_1_t, test16_a;
type test16_2_t, test16_a;
allow { test16_1_t test16_2_t } { test16_1_t test16_2_t } : file read;
neverallow test16_a { test16_a -self } : file ~write;
## Test 17 (extended permissions I): ioctl is allowed with no allowxperm rule narrowing the ioctl commands; the source ~test17_2_t covers test17_1_t, whose target set after -self is test17_2_t, and the missing nofail marker indicates a violation is expected for 0x1111 on that pair
type test17_1_t;
type test17_2_t;
allow { test17_1_t test17_2_t } { test17_1_t test17_2_t } : class17 ioctl;
neverallowxperm ~test17_2_t { test17_1_t test17_2_t -self } : class17 ioctl 0x1111;
## Test 18 (extended permissions II): every pair is narrowed to ioctl 0x1111 by allowxperm, and the neverallowxperm asks about 0x2222, which no rule grants, so no violation is expected
type test18_1_t;
type test18_2_t;
allow { test18_1_t test18_2_t } { test18_1_t test18_2_t } : file ioctl;
allowxperm { test18_1_t test18_2_t } { test18_1_t test18_2_t } : file ioctl 0x1111;
neverallowxperm { test18_1_t test18_2_t } { test18_1_t test18_2_t -self } : file ioctl 0x2222; # nofail
## Test 19 (extended permissions III): ranges; allowxperm grants 0x0100 - 0x0102 and the neverallowxperm covers 0x0101 - 0x0104; for source test19_2_t the target set is test19_1_t and the two ranges overlap on 0x0101 and 0x0102, so a violation is expected
type test19_1_t;
type test19_2_t;
allow { test19_1_t test19_2_t } { test19_1_t test19_2_t } : file ioctl;
allowxperm { test19_1_t test19_2_t } { test19_1_t test19_2_t } : file ioctl { 0x0100 - 0x0102 };
neverallowxperm test19_2_t { test19_1_t test19_2_t -self } : file ioctl { 0x0101 - 0x0104 };
## Test 20 (extended permissions IV): each pair is given a distinct single ioctl; the neverallowxperm range 0x0000 - 0x9000 contains all four and -self only removes the two identical pairs, so a violation is expected (e.g. test20_1_t -> test20_2_t with 0x0102)
type test20_1_t;
type test20_2_t;
allow { test20_1_t test20_2_t } { test20_1_t test20_2_t } : file ioctl;
allowxperm test20_1_t test20_1_t : file ioctl 0x0101;
allowxperm test20_1_t test20_2_t : file ioctl 0x0102;
allowxperm test20_2_t test20_1_t : file ioctl 0x0103;
allowxperm test20_2_t test20_2_t : file ioctl 0x0104;
neverallowxperm { test20_1_t test20_2_t } { test20_1_t test20_2_t -self } : file ioctl { 0x0000 - 0x9000 };
## Test 21 (extended permissions V): the attribute-wide allowxperm grants only 0x9501 while the neverallowxperm asks about 0x9511, so no violation is expected
attribute test21_a;
type test21_1_t, test21_a;
type test21_2_t, test21_a;
allow test21_a test21_a : file ioctl;
allowxperm test21_a test21_a : file ioctl 0x9501;
neverallowxperm test21_1_t { test21_a -self } : file ioctl 0x9511; # nofail
## Test 22 (extended permissions VI): 0x9511 is granted, but only from test22_t to itself; -self empties the target set, so no violation is expected
type test22_t;
allow test22_t self : file ioctl;
allowxperm test22_t self : file ioctl 0x9501;
allowxperm test22_t self : file ioctl 0x9511;
neverallowxperm test22_t { test22_t -self } : file ioctl 0x9511; # nofail
## Test 23 (extended permissions VII): 0x9511 is granted specifically from test23_1_t to test23_2_t, which is exactly the pair left after -self, so a violation is expected
attribute test23_a;
type test23_1_t, test23_a;
type test23_2_t, test23_a;
allow test23_a test23_a : file ioctl;
allowxperm test23_a test23_a : file ioctl 0x9501;
allowxperm test23_1_t test23_2_t : file ioctl 0x9511;
neverallowxperm test23_1_t { test23_a -self } : file ioctl 0x9511;
## Test 24 (extended permissions VIII): 0x9511 is granted from test24_1_t to the whole attribute, which includes test24_2_t, so a violation is expected
attribute test24_a;
type test24_1_t, test24_a;
type test24_2_t, test24_a;
allow test24_a test24_a : file ioctl;
allowxperm test24_a test24_a : file ioctl 0x9501;
allowxperm test24_1_t test24_a : file ioctl 0x9511;
neverallowxperm test24_1_t { test24_a -self } : file ioctl 0x9511;
## Test 25 (extended permissions IX): 0x9511 is granted attribute-wide, which covers test25_1_t -> test25_2_t, so a violation is expected
attribute test25_a;
type test25_1_t, test25_a;
type test25_2_t, test25_a;
allow test25_a test25_a : file ioctl;
allowxperm test25_a test25_a : file ioctl 0x9501;
allowxperm test25_a test25_a : file ioctl 0x9511;
neverallowxperm test25_1_t { test25_a -self } : file ioctl 0x9511;
## Test 26 (extended permissions X): both types carry both attributes, so the allowxperm from test26_1_a to test26_2_a grants 0x9511 on every pair, including test26_1_t -> test26_2_t, so a violation is expected
attribute test26_1_a;
attribute test26_2_a;
type test26_1_t, test26_1_a, test26_2_a;
type test26_2_t, test26_1_a, test26_2_a;
allow { test26_1_a test26_2_a } { test26_1_a test26_2_a } : file ioctl;
allowxperm { test26_1_a test26_2_a } { test26_1_a test26_2_a } : file ioctl 0x9501;
allowxperm test26_1_a test26_2_a : file ioctl 0x9511;
neverallowxperm test26_1_t { test26_2_a -self } : file ioctl 0x9511;
# ## Test 27 (extended permissions attribute violation I): (header commented out in the source) 0x9521 is only granted by each type to itself, once via the self keyword and once by name; -self removes those pairs and the cross pairs only have 0x9501, so no violation is expected
attribute test27_a;
type test27_1_t, test27_a;
type test27_2_t, test27_a;
allow test27_a test27_a : file ioctl;
allowxperm test27_a test27_a : file ioctl 0x9501;
allowxperm test27_1_t self : file ioctl 0x9521;
allowxperm test27_2_t test27_2_t : file ioctl 0x9521;
neverallowxperm test27_a { test27_a -self } : file ioctl 0x9521; # nofail
# ## Test 28 (extended permissions attribute violation II): (header commented out in the source) 0x9521 is granted from test28_1_t to test28_2_t, which remains in the target set after -self, so a violation is expected
attribute test28_a;
type test28_1_t, test28_a;
type test28_2_t, test28_a;
allow test28_a test28_a : file ioctl;
allowxperm test28_1_t test28_2_t : file ioctl 0x9521;
neverallowxperm test28_a { test28_a -self } : file ioctl 0x9521;
## Test 29 (extended permissions attribute violation III): 0x9521 is granted from test29_1_t to all of test29_a, including test29_2_t, so a violation is expected
attribute test29_a;
type test29_1_t, test29_a;
type test29_2_t, test29_a;
allow test29_a test29_a : file ioctl;
allowxperm test29_1_t test29_a : file ioctl 0x9521;
neverallowxperm test29_a { test29_a -self } : file ioctl 0x9521;
## Test 30 (extended permissions attribute violation IV): 0x9521 is granted attribute-wide; -self only removes the identical pairs, so a violation is expected
attribute test30_a;
type test30_1_t, test30_a;
type test30_2_t, test30_a;
allow test30_a test30_a : file ioctl;
allowxperm test30_a test30_a : file ioctl 0x9521;
neverallowxperm test30_a { test30_a -self } : file ioctl 0x9521;
## Test 31 (extended permissions attribute violation V): both types carry both attributes, so the allowxperm from test31_1_a to test31_2_a grants 0x9521 on every pair; test31_1_t -> test31_2_t remains after -self, so a violation is expected
attribute test31_1_a;
attribute test31_2_a;
type test31_1_t, test31_1_a, test31_2_a;
type test31_2_t, test31_1_a, test31_2_a;
allow test31_1_a test31_1_a : file ioctl;
allowxperm test31_1_a test31_2_a : file ioctl 0x9521;
neverallowxperm test31_1_a { test31_2_a -self } : file ioctl 0x9521;
########################################
#
# Test End
#
########################################
type sys_isid; # Type, role and user used only to give the initial SIDs and the two fs_use_trans entries a valid context; no test rule references them
role sys_role;
role sys_role types sys_isid;
gen_user(sys_user,, sys_role, s0, s0 - s0:c0.c23) # gen_user and gen_context are not defined in this file - presumably m4 macros from the shared test support; the MLS range matches the categories declared in the enable_mls block
sid kernel gen_context(sys_user:sys_role:sys_isid, s0)
sid security gen_context(sys_user:sys_role:sys_isid, s0)
sid unlabeled gen_context(sys_user:sys_role:sys_isid, s0)
sid file gen_context(sys_user:sys_role:sys_isid, s0)
sid port gen_context(sys_user:sys_role:sys_isid, s0)
sid netif gen_context(sys_user:sys_role:sys_isid, s0)
sid netmsg gen_context(sys_user:sys_role:sys_isid, s0)
sid node gen_context(sys_user:sys_role:sys_isid, s0)
sid devnull gen_context(sys_user:sys_role:sys_isid, s0)
fs_use_trans devpts gen_context(sys_user:sys_role:sys_isid, s0);
fs_use_trans devtmpfs gen_context(sys_user:sys_role:sys_isid, s0);