From owner-p4-projects@FreeBSD.ORG Tue Feb 10 06:47:27 2004 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id BB2AA16A4E5; Tue, 10 Feb 2004 06:47:26 -0800 (PST) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7CBEB16A510 for ; Tue, 10 Feb 2004 06:47:26 -0800 (PST) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7709643D1D for ; Tue, 10 Feb 2004 06:47:26 -0800 (PST) (envelope-from areisse@nailabs.com) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.10/8.12.10) with ESMTP id i1AElQGe065311 for ; Tue, 10 Feb 2004 06:47:26 -0800 (PST) (envelope-from areisse@nailabs.com) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.10/8.12.10/Submit) id i1AElPwq065307 for perforce@freebsd.org; Tue, 10 Feb 2004 06:47:25 -0800 (PST) (envelope-from areisse@nailabs.com) Date: Tue, 10 Feb 2004 06:47:25 -0800 (PST) Message-Id: <200402101447.i1AElPwq065307@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to areisse@nailabs.com using -f From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 46750 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2004 14:47:27 -0000 http://perforce.freebsd.org/chv.cgi?CH=46750 Change 46750 by areisse@areisse_ibook on 2004/02/10 06:46:46 user_secret_d can be used in enforcing mode Affected files ... .. //depot/projects/trustedbsd/sedarwin/policy/rules#6 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin/policy/rules#6 (text+ko) ==== 
@@ -2,6 +2,7 @@
 attribute domain2;
 attribute file;
 attribute fs;
+attribute names;
 include(global_macros.te)
@@ -32,8 +33,9 @@
 type user_port_t;
 type time_port_t;
-type boot_names_t;
-type user_names_t;
+type boot_names_t, names;
+type user_names_t, names;
+type user_secret_names_t, names;
 type root_t, file;
 type appl_t, file;
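Review bot: `attribute names;` is added without a comment, and the only rule in this change that uses it is `allow kernel_d names:mach_port send;` further down the file; say what membership means, e.g. `# Mach bootstrap namespace types (boot, user, user_secret); kernel_d may send to any port labeled with one`. user_secret_names_t is declared in the second hunk but no rule in this change refers to it, so a note on that type line that it is reserved until per-domain namespaces work would keep the next reader from assuming user_secret_d already has its own namespace.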
@@ -148,29 +150,18 @@
 allow_mach_ipc(loginwindow_d,windowserver_d);
 allow_mach_ipc(loginwindow_d,unlabeled_t);
-allow_mach_ipc(loginwindow_d,user_d);
-#allow init_d { unlabeled_t init_d login_d kernel_d user_d windowserver_d }:mach_port { send make_send copy_send move_recv };
-#allow kernel_d { unlabeled_t windowserver_d init_d kernel_d user_d }:mach_port { send make_send copy_send };
-#allow login_d { init_d windowserver_d unlabeled_t user_d }:mach_port { send make_send copy_send };
-#allow user_d { user_d init_d windowserver_d user_port_t unlabeled_t coreservices_d }:mach_port { send make_send copy_send };
-allow loginwindow_d { unlabeled_t windowserver_d }:mach_port { send make_send copy_send };
-#allow windowserver_d { init_d loginwindow_d coreservices_d unlabeled_t user_d securityserver_d }:mach_port { send make_send copy_send };
-#allow coreservices_d { user_d securityserver_d }:mach_port { send make_send copy_send };
-#allow securityserver_d { windowserver_d coreservices_d }:mach_port { send make_send copy_send };
 allow init_d self:mach_names { register look_up };
-allow user_d { user_d init_d }:mach_names { register look_up };
-allow kernel_d {user_names_t boot_names_t}:mach_port send;
+allow kernel_d names:mach_port send;
 allow_mach_ipc(init_d,coreservices_d); #???
 mach_bootstrap(init_d,boot_names_t,boot_names_t); #???
-type_change loginwindow_d loginwindow_d:mach_names user_names_t;
+type_change loginwindow_d loginwindow_d:mach_names user_names_t; #XXX allow init_d init_d:mach_port relabelfrom;
 allow init_d boot_names_t:mach_port relabelto;
+allow init_d boot_names_t:mach_names { register create_server }; #???
 allow init_d user_names_t:mach_port { copy_send relabelto };
-allow init_d boot_names_t:mach_names { register create_server }; #???
-mach_bootstrap(init_d,user_names_t,securityserver_d); #???
 allow_mach_ipc(systemstarter_d,unlabeled_t);
 allow_mach_ipc(systemstarter_d,boot_names_t);
@@ -189,13 +180,6 @@
 mach_bootstrap(coreservices_d,boot_names_t,systemstarter_d); #???
 mach_bootstrap_register(coreservices_d,boot_names_t);
-mach_bootstrap_register(windowserver_d,user_names_t);
-allow_mach_ipc(windowserver_d,user_d);
-mach_bootstrap(windowserver_d,user_names_t,systemstarter_d);
-mach_bootstrap(windowserver_d,user_names_t,pbs_d);
-mach_bootstrap(windowserver_d,user_names_t,coreservices_d);
-mach_bootstrap(windowserver_d,user_names_t,user_names_t);
-mach_bootstrap(windowserver_d,user_names_t,init_d);
 mach_bootstrap(windowserver_d,boot_names_t,boot_names_t);
 mach_bootstrap(windowserver_d,boot_names_t,coreservices_d);
 mach_bootstrap(windowserver_d,boot_names_t,windowserver_d);
@@ -210,23 +194,13 @@
 allow_mach_ipc(loginwindow_d,init_d);
 allow_mach_ipc(loginwindow_d,lookupd_d);
 allow_mach_ipc(loginwindow_d,systemstarter_d);
-mach_bootstrap(loginwindow_d,user_names_t,user_names_t);
-mach_bootstrap(loginwindow_d,user_names_t,coreservices_d);
 mach_bootstrap(loginwindow_d,boot_names_t,init_d);
 mach_bootstrap(loginwindow_d,boot_names_t,boot_names_t);
 mach_bootstrap(loginwindow_d,boot_names_t,windowserver_d);
 mach_bootstrap(loginwindow_d,boot_names_t,securityserver_d);
-mach_bootstrap(loginwindow_d,user_names_t,systemstarter_d); #???
-mach_bootstrap(loginwindow_d,user_names_t,user_d); #???
-mach_bootstrap_register(loginwindow_d,user_names_t);
 mach_bootstrap_register(loginwindow_d,boot_names_t);
 allow loginwindow_d boot_names_t:mach_names makesubset;
-allow loginwindow_d user_names_t:mach_names create_server;
-mach_bootstrap(securityserver_d,user_names_t,user_names_t);
-mach_bootstrap(securityserver_d,user_names_t,user_d);
-mach_bootstrap_register(securityserver_d,user_names_t);
-mach_bootstrap_register(securityserver_d,boot_names_t);
 mach_bootstrap(securityserver_d,boot_names_t,init_d);
 mach_bootstrap(securityserver_d,boot_names_t,boot_names_t);
 mach_bootstrap(securityserver_d,boot_names_t,coreservices_d);
@@ -245,30 +219,11 @@
 mach_bootstrap(cron_d,boot_names_t,init_d);
 allow_mach_ipc(cron_d,init_d);
-allow_mach_ipc(user_d,systemstarter_d);
-allow_mach_ipc(user_d,init_d);
-allow_mach_ipc(user_d,coreservices_d); #SystemUIServer
-mach_bootstrap(user_d,user_names_t,coreservices_d);
-mach_bootstrap(user_d,user_names_t,pbs_d);
-mach_bootstrap(user_d,user_names_t,loginwindow_d);
-mach_bootstrap(user_d,user_names_t,securityserver_d);
-mach_bootstrap(user_d,user_names_t,windowserver_d);
-mach_bootstrap(user_d,user_names_t,systemstarter_d); #???
-mach_bootstrap_register(user_d,user_names_t);
-mach_bootstrap(user_d,user_names_t,user_names_t);
-allow_mach_ipc(user_d,securityserver_d);
-allow_mach_ipc(user_d,lookupd_d);
-allow_mach_ipc(pbs_d,user_d);
-
 allow pbs_d appl_t:dir { search getattr read };
 allow pbs_d appl_t:file { read getattr };
-allow pbs_d user_d:mach_port { send copy_send };
 allow pbs_d lib_t:dir { search getattr };
 allow pbs_d lib_t:file { read getattr };
-mach_bootstrap_register(pbs_d,user_names_t);
-mach_bootstrap(pbs_d,user_names_t,coreservices_d);
 allow_mach_ipc(pbs_d,init_d);
-mach_bootstrap(pbs_d,user_names_t,init_d) #???
 allow_mach_ipc(pbs_d,lookupd_d);
 allow_mach_ipc(pbs_d,coreservices_d);
@@ -277,7 +232,63 @@
 allow_mach_ipc(init_d,unlabeled_t);
 allow_mach_ipc(pbs_d,unlabeled_t);
 allow_mach_ipc(user_d,unlabeled_t);
+allow_mach_ipc(user_secret_d,unlabeled_t);
 allow_mach_ipc(lookupd_d,unlabeled_t);
 allow_mach_ipc(coreservices_d,unlabeled_t);
 allow_mach_ipc(windowserver_d,unlabeled_t);
 allow_mach_ipc(securityserver_d,unlabeled_t);
+
+#
+# Rules for user domains (user_domain, user_namespace_type)
+#
+define(`user_sys_access',`
+
+allow $1 { $1 init_d }:mach_names { register look_up };
+
+mach_bootstrap(init_d,$2,securityserver_d); #???
+
+mach_bootstrap_register(windowserver_d,$2);
+allow_mach_ipc(windowserver_d,$1);
+mach_bootstrap(windowserver_d,$2,systemstarter_d);
+mach_bootstrap(windowserver_d,$2,pbs_d);
+mach_bootstrap(windowserver_d,$2,coreservices_d);
+mach_bootstrap(windowserver_d,$2,$2);
+mach_bootstrap(windowserver_d,$2,init_d);
+
+allow_mach_ipc(loginwindow_d,$1);
+mach_bootstrap(loginwindow_d,$2,$2);
+mach_bootstrap(loginwindow_d,$2,coreservices_d);
+mach_bootstrap(loginwindow_d,$2,systemstarter_d); #???
+mach_bootstrap(loginwindow_d,$2,$1); #???
+mach_bootstrap_register(loginwindow_d,$2);
+allow loginwindow_d $2:mach_names create_server;
+
+mach_bootstrap(securityserver_d,$2,$2);
+mach_bootstrap(securityserver_d,$2,$1);
+mach_bootstrap_register(securityserver_d,$2);
+mach_bootstrap_register(securityserver_d,boot_names_t);
+
+allow_mach_ipc($1,systemstarter_d);
+allow_mach_ipc($1,init_d);
+allow_mach_ipc($1,coreservices_d); #SystemUIServer
+mach_bootstrap($1,$2,coreservices_d);
+mach_bootstrap($1,$2,pbs_d);
+mach_bootstrap($1,$2,loginwindow_d);
+mach_bootstrap($1,$2,securityserver_d);
+mach_bootstrap($1,$2,windowserver_d);
+mach_bootstrap($1,$2,systemstarter_d); #???
+mach_bootstrap_register($1,$2);
+mach_bootstrap($1,$2,$2);
+allow_mach_ipc($1,securityserver_d);
+allow_mach_ipc($1,lookupd_d);
+allow_mach_ipc(pbs_d,$1);
+
+allow pbs_d $1:mach_port { send copy_send };
+mach_bootstrap_register(pbs_d,$2);
+mach_bootstrap(pbs_d,$2,coreservices_d);
+mach_bootstrap(pbs_d,$2,init_d) #???
+
+')
+
+user_sys_access(user_d,user_names_t);
+user_sys_access(user_secret_d,user_names_t); # can't use other names types yet
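Review bot: The two instantiations at the end of the hunk give user_d and user_secret_d the same bootstrap namespace type, user_names_t, so through `allow $1 { $1 init_d }:mach_names { register look_up }`, `mach_bootstrap_register($1,$2)` and `mach_bootstrap($1,$2,$2)` each domain can register names and look up what the other registered; if mach_bootstrap (defined in global_macros.te, outside this file) expands to send rights on ports in that namespace, this is a Mach IPC path between the secret and ordinary user domains, and the freshly declared user_secret_names_t is never referenced. The trailing comment should state that gap rather than just `# can't use other names types yet`, e.g. `# XXX user_secret_d shares user_names_t with user_d: names it registers are visible to user_d; switch to user_secret_names_t when per-domain namespaces work`. `mach_bootstrap_register(securityserver_d,boot_names_t);` uses neither $1 nor $2, was a single global rule before this change, and is now emitted once per instantiation, so it should be hoisted back out of the macro. `mach_bootstrap(pbs_d,$2,init_d) #???` is the only invocation in the macro without a terminating `;`, and since the macro now expands twice it should be made to match the surrounding lines.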