[redhat-lspp] [Fwd: staff transitions]

Thu, 07 Dec 2006 06:19:22 -0800

A question last week came up about targeted policy versus strict. This is a list of confined applications that a staff user would transition to when they are run, with current MLS policy. 


-------- Original Message --------
Subject:        staff transitions
Date:   Thu, 7 Dec 2006 04:36:15 -0500
From:   root <[EMAIL PROTECTED]>
To:     [EMAIL PROTECTED]




  allow staff_t staff_crontab_t : process { transition sigchld signal getattr }; 
  allow staff_t loadkeys_t : process transition ; 
  allow staff_t pam_t : process transition ; 
  allow staff_t staff_dbusd_t : process { transition sigkill signal }; 
  allow staff_t staff_spamassassin_t : process transition ; 
  allow staff_t staff_gpg_t : process { transition signal getattr }; 
  allow staff_t utempter_t : process transition ; 
  allow staff_t staff_javaplugin_t : process { transition noatsecure siginh rlimitinh }; 
  allow staff_su_t staff_t : process { transition sigchld }; 
  allow staff_t newrole_t : process transition ; 
  allow staff_t staff_sudo_t : process { transition sigchld }; 
  allow staff_t passwd_t : process transition ; 
  allow staff_t chfn_t : process transition ; 
  allow staff_t staff_t : process { fork transition sigchld sigkill sigstop signull signal ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh rlimitinh dyntransition setkeycreate setsockcreate }; 
  allow staff_t staff_spamc_t : process transition ; 
  allow staff_t staff_gpg_agent_t : process { transition sigkill signal getattr }; 
  allow staff_t staff_lpr_t : process { transition signull }; 
  allow staff_t staff_ssh_t : process { transition getattr }; 
  allow staff_t staff_ssh_agent_t : process { transition sigchld signal getattr }; 
  allow staff_t staff_chkpwd_t : process transition ; 
  allow staff_t staff_su_t : process { transition sigchld signal }; 
  allow staff_t staff_mail_t : process transition ; 
  allow staff_crontab_t staff_t : process { transition sigchld }; 
  allow staff_dbusd_t staff_t : process { transition sigchld }; 
  allow staff_sudo_t staff_t : process { transition sigchld }; 
  allow staff_ssh_agent_t staff_t : process { transition sigchld signull }; 
  allow staff_t ping_t : process transition ; 
  allow staff_t httpd_staff_script_t : process transition ; 
  allow staff_t httpd_staff_script_t : process transition ; 
  allow staff_t traceroute_t : process transition ; 
  allow staff_t pppd_t : process transition ; 
  allow staff_ssh_agent_t staff_t : process transition ; 
  allow staff_ssh_agent_t staff_t : process transition ; 


--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp














    











					Reply via email to