| Server IP : 67.43.7.42 / Your IP : 216.73.216.241 Web Server : Apache System : Linux host.isabellascookies.com 2.6.32-754.35.1.el6.x86_64 #1 SMP Sat Nov 7 12:42:14 UTC 2020 x86_64 User : isabella ( 503) PHP Version : 5.5.38 Disable Function : exec,passthru,shell_exec,system MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/selinux/devel/include/kernel/ |
Upload File : |
## <summary>User-based access control policy</summary> ## <required val="true"> ## Contains attributes used in UBAC policy. ## </required> ######################################## ## <summary> ## Constrain by user-based access control (UBAC). ## </summary> ## <desc> ## <p> ## Constrain the specified type by user-based ## access control (UBAC). Typically, these are ## user processes or user files that need to be ## differentiated by SELinux user. Normally this ## does not include administrative or privileged ## programs. For the UBAC rules to be enforced, ## both the subject (source) type and the object ## (target) types must be UBAC constrained. ## </p> ## </desc> ## <param name="type"> ## <summary> ## Type to be constrained by UBAC. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`ubac_constrained',` gen_require(` attribute ubac_constrained_type; ') typeattribute $1 ubac_constrained_type; ') ######################################## ## <summary> ## Exempt user-based access control for files. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_file_exempt',` gen_require(` attribute ubacfile; ') typeattribute $1 ubacfile; ') ######################################## ## <summary> ## Exempt user-based access control for processes. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_process_exempt',` gen_require(` attribute ubacproc; ') typeattribute $1 ubacproc; ') ######################################## ## <summary> ## Exempt user-based access control for file descriptors. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_fd_exempt',` gen_require(` attribute ubacfd; ') typeattribute $1 ubacfd; ') ######################################## ## <summary> ## Exempt user-based access control for sockets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_socket_exempt',` gen_require(` attribute ubacsock; ') typeattribute $1 ubacsock; ') ######################################## ## <summary> ## Exempt user-based access control for SysV IPC. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_sysvipc_exempt',` gen_require(` attribute ubacipc; ') typeattribute $1 ubacipc; ') ######################################## ## <summary> ## Exempt user-based access control for X Windows. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_xwin_exempt',` gen_require(` attribute ubacxwin; ') typeattribute $1 ubacxwin; ') ######################################## ## <summary> ## Exempt user-based access control for dbus. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_dbus_exempt',` gen_require(` attribute ubacdbus; ') typeattribute $1 ubacdbus; ') ######################################## ## <summary> ## Exempt user-based access control for keys. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_key_exempt',` gen_require(` attribute ubackey; ') typeattribute $1 ubackey; ') ######################################## ## <summary> ## Exempt user-based access control for databases. ## </summary> ## <param name="domain"> ## <summary> ## Domain to be exempted. ## </summary> ## </param> # interface(`ubac_db_exempt',` gen_require(` attribute ubacdb; ') typeattribute $1 ubacdb; ')