Changeset 157

Timestamp:

01/08/08 12:50:13 (11 months ago)

Author:

bwilliams

Message:

changed secure mode to be more useful

Files:

• branch/refpol-merged/src/selinux-policy-refpol/policy/modules/kernel/selinux.if (modified) (5 diffs)
• branch/refpol-merged/src/selinux-policy-refpol/policy/modules/kernel/selinux.te (modified) (2 diffs)
• branch/refpol-merged/src/selinux-policy-refpol/policy/modules/system/userdomain.if (modified) (1 diff)

branch/refpol-merged/src/selinux-policy-refpol/policy/modules/kernel/selinux.if

@@ -1 @@
->
+
-##      Policy for kernel security interface, in particular, selinuxfs.
-## </summary>
@@ -198 +198 @@
-        if(!secure_mode_policyload) {
-                allow $1 security_t:security setenforce;
-
-                ifdef(`distro_rhel4',`
-                        # needed for systems without audit support
-                        auditallow $1 security_t:security setenforce;
-                ')
-        }
-')
@@ -220 +215 @@
-                type security_t;
-                attribute can_load_policy;
+                bool secure_mode_policyload;
-        ')
-
@@ -228 +224 @@
-        if(!secure_mode_policyload) {
-                allow $1 security_t:security load_policy;
-
-                ifdef(`distro_rhel4',`
-                        # needed for systems without audit support
-                        auditallow $1 security_t:security load_policy;
-                ')
-        }
-')
@@ -265 +256 @@
-        allow $1 security_t:dir list_dir_perms;
-        allow $1 security_t:file { getattr read write };
+        allow $1 security_t:security setbool;
-
-        if(!secure_mode_policyload) {
-
-
-
-
-
-
+
-        }
-')
+
+
+########################################
+## <summary>
+##      Allow caller to change from secure_mode to unsecure_mode
+## </summary>
+## <desc>
+##      <p>
+##      Allow caller to set the state of Booleans to
+##      enable or disable conditional portions of the policy.
+##      </p>
+##      <p>
+##      Since this is a security event, this action is
+##      always audited.
+##      </p>
+## </desc>
+## <param name="domain">
+##      <summary>
+##      The process type allowed to set the Boolean.
+##      </summary>
+## </param>
+## <rolecap/>
+#
+interface(`selinux_set_secure_mode',`
+        gen_require(`
+                type secure_mode_policyload_bool_t;
+        ')
+        
+        selinux_set_boolean($1)
+
+        allow $1 secure_mode_policyload_bool_t:file write;
+')
+
+
-
-########################################

branch/refpol-merged/src/selinux-policy-refpol/policy/modules/kernel/selinux.te

@@ -23 +23 @@
-genfscon selinuxfs / gen_context(system_u:object_r:security_t,s0)
-
+type secure_mode_policyload_bool_t;
+files_type(secure_mode_policyload_bool_t)
+genfscon selinuxfs /booleans/secure_mode_policyload gen_context(system_u:object_r:secure_mode_policyload_bool_t,s0)
+
+
-neverallow ~{ selinux_unconfined_type can_load_policy } security_t:security load_policy;
-neverallow ~{ selinux_unconfined_type can_setenforce } security_t:security setenforce;
@@ -37 +42 @@
-
-# Access the security API.
-
+
+
+
+
+
+
-
-if(!secure_mode_policyload) {
-
-
-
-
-
-
+
+
-}

branch/refpol-merged/src/selinux-policy-refpol/policy/modules/system/userdomain.if

@@ -1423 +1423 @@
-        selinux_set_enforce_mode($1)
-        selinux_set_boolean($1)
+        selinux_set_secure_mode($1)
-        selinux_set_parameters($1)
-