Dictionary

The CDS Framework Toolkit dictionary is the means by which the framework policy is translated into the SELinux policy. Each of the resource definitions that can be assigned to a domain or a shared resource is defined here. Within the graphical policy, a read is indicated with an arrow from a resource to a domain and a write is indicated with an arrow from a domain to a resource. Readwrite is indicated with a double-headed arrow between the resource and the domain; it indicates that the domain can write to the resource and read from that same resource. The dictionary translates this graphical notation into the appropriate SELinux policy.

Included in every resource definition are the following:

Below is some sample code from the dictionary for the resource definition, “unnamedUnixSockets”:


1 rdef unnamedUnixStreams
2 [desc: "Unnamed Unix domain stream sockets as private resources in a domain "]
3 {
4     owner {
5        self {
6           fd { use } # Use own file descriptors for forking off children
7           sock_file { create getattr unlink write }
8           unix_stream_socket { accept bind connect connectto create write listen read shutdown }
9       }
10    }
11    read {
12       default { read }
13       read
14       [backflow : 1]
15       {
16          resource {
17              sock_file { getattr }
18              unix_stream_socket { read recvfrom shutdown connectto listen }
19          }
20       }
21    }
22    write {
23       default { write }
24       write
25       [backflow : 0]
26       {
27          resource {
28             unix_stream_socket { write sendto connect }
29          }
30       }
31       create
32       [backflow : 0]
33       {
34          resource {
35             unix_stream_socket { create setattr }
36          }
37       }
38       new
39       [backflow : 0]
40       {
41          resource {
42             unix_stream_socket { create setattr }
43          }
44          transition {
45             unix_stream_socket
46          }
47       }
48    }
49 }

Lines 1 – 2 give the keyword rdef, the name of the resource definition, and a brief description.

Lines 4 – 10 give the owner permissions. If there are permissions other than self permissions, the structure is much like the self block, except with the keyword resource in place of self. (Line 14 shows the start of a resource block.)

Lines 11 – 21 give information pertaining to the verb read; the verb names the type of access, read. The default access name and the accompanying permissions, which are contained within the resource block, are given here.

Lines 22 – 37 give information pertaining to the verb write. An additional permission here is create. To translate: if an arrow is drawn graphically from a domain to a resource, this indicates a write. The dictionary translates this write permission for unixStreamSockets into the permissions within the policy given above. In other words, the write permission is translated into the write and create permissions given within their associated resource blocks.

Lines 38 – 46 give information pertaining to the verb new. The new verb is generally used when creating types at runtime. The transition keyword is used to denote which objects should be given type transition rules.

Lines 14, 25, 32 and 39 show the backflow levels for each access definition.
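As an added example (not code from the CDS Framework Toolkit), the following Python sketch mirrors the unnamedUnixStreams definition above as data and shows how an arrow in the graphical policy expands into SELinux allow and type_transition rules. The domain and type names srv_t and srv_sock_t are made up; the write default listing both write and create follows the description above rather than the literal default { write }; and using the resource type as the type_transition result is an assumption.

```python
# Constructed Python mirror of the unnamedUnixStreams rdef shown above. 'self'
# holds the owner block; each verb holds its default access list and its named
# accesses (backflow level, resource-block permissions, transition classes).
# The write default lists write and create, as the text above describes.
RDEF: dict = {
    "name": "unnamedUnixStreams",
    "self": {"fd": ["use"],
             "sock_file": ["create", "getattr", "unlink", "write"],
             "unix_stream_socket": ["accept", "bind", "connect", "connectto",
                                    "create", "write", "listen", "read", "shutdown"]},
    "read": {"default": ["read"],
             "read": {"backflow": 1, "resource": {
                 "sock_file": ["getattr"],
                 "unix_stream_socket": ["read", "recvfrom", "shutdown", "connectto", "listen"]}}},
    "write": {"default": ["write", "create"],
              "write": {"backflow": 0, "resource": {
                  "unix_stream_socket": ["write", "sendto", "connect"]}},
              "create": {"backflow": 0, "resource": {
                  "unix_stream_socket": ["create", "setattr"]}},
              "new": {"backflow": 0, "resource": {
                  "unix_stream_socket": ["create", "setattr"]},
                      "transition": ["unix_stream_socket"]}},
}

def allow(src: str, tgt: str, cls: str, perms: list) -> str:
    return f"allow {src} {tgt}:{cls} {{ {' '.join(perms)} }};"

def owner_rules(domain: str, rdef: dict = RDEF) -> list:
    """Owner permissions: the domain acting on objects of its own type."""
    return [allow(domain, "self", c, p) for c, p in rdef["self"].items()]

def access_rules(domain: str, resource: str, verb: str, access: str,
                 rdef: dict = RDEF) -> list:
    """Expand one named access (read, write, create or new) into policy lines."""
    spec = rdef[verb][access]
    rules = [f"# {rdef['name']} {verb}/{access}, backflow {spec['backflow']}"]
    rules += [allow(domain, resource, c, p) for c, p in spec["resource"].items()]
    # 'new' also requests type_transition rules; the new type is assumed to be the resource type.
    rules += [f"type_transition {domain} {resource}:{c} {resource};"
              for c in spec.get("transition", [])]
    return rules

def arrow_rules(domain: str, resource: str, arrow: str, rdef: dict = RDEF) -> list:
    """Graph arrow -> rules: 'read' is resource->domain, 'write' domain->resource, 'readwrite' both."""
    verbs = {"read": ["read"], "write": ["write"], "readwrite": ["read", "write"]}[arrow]
    return [r for v in verbs for a in rdef[v]["default"]
            for r in access_rules(domain, resource, v, a, rdef)]

if __name__ == "__main__":
    print("\n".join(owner_rules("srv_t") + arrow_rules("srv_t", "srv_sock_t", "readwrite")))
```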