PERFORCE change 46750 for review

Andrew Reisse areisse at FreeBSD.org
Tue Feb 10 14:47:25 GMT 2004


http://perforce.freebsd.org/chv.cgi?CH=46750

Change 46750 by areisse at areisse_ibook on 2004/02/10 06:46:46

	user_secret_d can be used in enforcing mode

Affected files ...

.. //depot/projects/trustedbsd/sedarwin/policy/rules#6 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin/policy/rules#6 (text+ko) ====

@@ -2,6 +2,7 @@
 attribute domain2;
 attribute file;
 attribute fs;
+attribute names;
 
 include(global_macros.te)
 
@@ -32,8 +33,9 @@
 type user_port_t;
 type time_port_t;
 
-type boot_names_t;
-type user_names_t;
+type boot_names_t, names;
+type user_names_t, names;
+type user_secret_names_t, names;
 
 type root_t, file;
 type appl_t, file;
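Review bot: `user_secret_names_t` is declared here, but no rule in the hunks shown refers to it by name; the last hunk instantiates user_secret_d with user_names_t instead. A comment on the declaration, e.g. `# reserved for user_secret_d; unused until per-domain namespaces work`, would explain why the type exists. Rules outside the diff context may still reference it, so this is inferred from the visible lines only.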
@@ -148,29 +150,18 @@
 
 allow_mach_ipc(loginwindow_d,windowserver_d);
 allow_mach_ipc(loginwindow_d,unlabeled_t);
-allow_mach_ipc(loginwindow_d,user_d);
 
-#allow init_d { unlabeled_t init_d login_d kernel_d user_d windowserver_d }:mach_port { send make_send copy_send move_recv };
-#allow kernel_d { unlabeled_t windowserver_d init_d kernel_d user_d }:mach_port { send make_send copy_send };
-#allow login_d { init_d windowserver_d unlabeled_t user_d }:mach_port { send make_send copy_send };
-#allow user_d { user_d init_d windowserver_d user_port_t unlabeled_t coreservices_d }:mach_port { send make_send copy_send };
-allow loginwindow_d { unlabeled_t windowserver_d }:mach_port { send make_send copy_send };
-#allow windowserver_d { init_d loginwindow_d coreservices_d unlabeled_t user_d securityserver_d }:mach_port { send make_send copy_send };
-#allow coreservices_d { user_d securityserver_d }:mach_port { send make_send copy_send };
-#allow securityserver_d { windowserver_d coreservices_d }:mach_port { send make_send copy_send };
 allow init_d self:mach_names { register look_up };
-allow user_d { user_d init_d }:mach_names { register look_up };
 
-allow kernel_d {user_names_t boot_names_t}:mach_port send;
+allow kernel_d names:mach_port send;
 
 allow_mach_ipc(init_d,coreservices_d); #???
 mach_bootstrap(init_d,boot_names_t,boot_names_t); #???
-type_change loginwindow_d loginwindow_d:mach_names user_names_t;
+type_change loginwindow_d loginwindow_d:mach_names user_names_t; #XXX
 allow init_d init_d:mach_port relabelfrom;
 allow init_d boot_names_t:mach_port relabelto;
+allow init_d boot_names_t:mach_names { register create_server }; #???
 allow init_d user_names_t:mach_port { copy_send relabelto };
-allow init_d boot_names_t:mach_names { register create_server }; #???
-mach_bootstrap(init_d,user_names_t,securityserver_d); #???
 
 allow_mach_ipc(systemstarter_d,unlabeled_t);
 allow_mach_ipc(systemstarter_d,boot_names_t);
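Review bot: `allow kernel_d names:mach_port send;` replaces an explicit two-type set with an attribute, so kernel_d's send permission now also covers user_secret_names_t and any type later declared with `names`. That is probably intended, but the scope of the grant is no longer visible at the rule; a comment such as `# applies to every type carrying the names attribute, including ones added later` would make it explicit. The `#XXX` added to the type_change line also gives no reason, and a few words on what is unresolved would help the next reader.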
@@ -189,13 +180,6 @@
 mach_bootstrap(coreservices_d,boot_names_t,systemstarter_d); #???
 mach_bootstrap_register(coreservices_d,boot_names_t);
 
-mach_bootstrap_register(windowserver_d,user_names_t);
-allow_mach_ipc(windowserver_d,user_d);
-mach_bootstrap(windowserver_d,user_names_t,systemstarter_d);
-mach_bootstrap(windowserver_d,user_names_t,pbs_d);
-mach_bootstrap(windowserver_d,user_names_t,coreservices_d);
-mach_bootstrap(windowserver_d,user_names_t,user_names_t);
-mach_bootstrap(windowserver_d,user_names_t,init_d);
 mach_bootstrap(windowserver_d,boot_names_t,boot_names_t);
 mach_bootstrap(windowserver_d,boot_names_t,coreservices_d);
 mach_bootstrap(windowserver_d,boot_names_t,windowserver_d);
@@ -210,23 +194,13 @@
 allow_mach_ipc(loginwindow_d,init_d);
 allow_mach_ipc(loginwindow_d,lookupd_d);
 allow_mach_ipc(loginwindow_d,systemstarter_d);
-mach_bootstrap(loginwindow_d,user_names_t,user_names_t);
-mach_bootstrap(loginwindow_d,user_names_t,coreservices_d);
 mach_bootstrap(loginwindow_d,boot_names_t,init_d);
 mach_bootstrap(loginwindow_d,boot_names_t,boot_names_t);
 mach_bootstrap(loginwindow_d,boot_names_t,windowserver_d);
 mach_bootstrap(loginwindow_d,boot_names_t,securityserver_d);
-mach_bootstrap(loginwindow_d,user_names_t,systemstarter_d); #???
-mach_bootstrap(loginwindow_d,user_names_t,user_d); #???
-mach_bootstrap_register(loginwindow_d,user_names_t);
 mach_bootstrap_register(loginwindow_d,boot_names_t);
 allow loginwindow_d boot_names_t:mach_names makesubset;
-allow loginwindow_d user_names_t:mach_names create_server;
 
-mach_bootstrap(securityserver_d,user_names_t,user_names_t);
-mach_bootstrap(securityserver_d,user_names_t,user_d);
-mach_bootstrap_register(securityserver_d,user_names_t);
-mach_bootstrap_register(securityserver_d,boot_names_t);
 mach_bootstrap(securityserver_d,boot_names_t,init_d);
 mach_bootstrap(securityserver_d,boot_names_t,boot_names_t);
 mach_bootstrap(securityserver_d,boot_names_t,coreservices_d);
@@ -245,30 +219,11 @@
 mach_bootstrap(cron_d,boot_names_t,init_d);
 allow_mach_ipc(cron_d,init_d);
 
-allow_mach_ipc(user_d,systemstarter_d);
-allow_mach_ipc(user_d,init_d);
-allow_mach_ipc(user_d,coreservices_d); #SystemUIServer
-mach_bootstrap(user_d,user_names_t,coreservices_d);
-mach_bootstrap(user_d,user_names_t,pbs_d);
-mach_bootstrap(user_d,user_names_t,loginwindow_d);
-mach_bootstrap(user_d,user_names_t,securityserver_d);
-mach_bootstrap(user_d,user_names_t,windowserver_d);
-mach_bootstrap(user_d,user_names_t,systemstarter_d); #???
-mach_bootstrap_register(user_d,user_names_t);
-mach_bootstrap(user_d,user_names_t,user_names_t);
-allow_mach_ipc(user_d,securityserver_d);
-allow_mach_ipc(user_d,lookupd_d);
-allow_mach_ipc(pbs_d,user_d);
-
 allow pbs_d appl_t:dir { search getattr read };
 allow pbs_d appl_t:file { read getattr };
-allow pbs_d user_d:mach_port { send copy_send };
 allow pbs_d lib_t:dir { search getattr };
 allow pbs_d lib_t:file { read getattr };
-mach_bootstrap_register(pbs_d,user_names_t);
-mach_bootstrap(pbs_d,user_names_t,coreservices_d);
 allow_mach_ipc(pbs_d,init_d);
-mach_bootstrap(pbs_d,user_names_t,init_d) #???
 allow_mach_ipc(pbs_d,lookupd_d);
 allow_mach_ipc(pbs_d,coreservices_d);
 
@@ -277,7 +232,63 @@
 allow_mach_ipc(init_d,unlabeled_t);
 allow_mach_ipc(pbs_d,unlabeled_t);
 allow_mach_ipc(user_d,unlabeled_t);
+allow_mach_ipc(user_secret_d,unlabeled_t);
 allow_mach_ipc(lookupd_d,unlabeled_t);
 allow_mach_ipc(coreservices_d,unlabeled_t);
 allow_mach_ipc(windowserver_d,unlabeled_t);
 allow_mach_ipc(securityserver_d,unlabeled_t);
+
+#
+# Rules for user domains (user_domain, user_namespace_type)
+#
+define(`user_sys_access',`
+
+allow $1 { $1 init_d }:mach_names { register look_up };
+
+mach_bootstrap(init_d,$2,securityserver_d); #???
+
+mach_bootstrap_register(windowserver_d,$2);
+allow_mach_ipc(windowserver_d,$1);
+mach_bootstrap(windowserver_d,$2,systemstarter_d);
+mach_bootstrap(windowserver_d,$2,pbs_d);
+mach_bootstrap(windowserver_d,$2,coreservices_d);
+mach_bootstrap(windowserver_d,$2,$2);
+mach_bootstrap(windowserver_d,$2,init_d);
+
+allow_mach_ipc(loginwindow_d,$1);
+mach_bootstrap(loginwindow_d,$2,$2);
+mach_bootstrap(loginwindow_d,$2,coreservices_d);
+mach_bootstrap(loginwindow_d,$2,systemstarter_d); #???
+mach_bootstrap(loginwindow_d,$2,$1); #???
+mach_bootstrap_register(loginwindow_d,$2);
+allow loginwindow_d $2:mach_names create_server;
+
+mach_bootstrap(securityserver_d,$2,$2);
+mach_bootstrap(securityserver_d,$2,$1);
+mach_bootstrap_register(securityserver_d,$2);
+mach_bootstrap_register(securityserver_d,boot_names_t);
+
+allow_mach_ipc($1,systemstarter_d);
+allow_mach_ipc($1,init_d);
+allow_mach_ipc($1,coreservices_d); #SystemUIServer
+mach_bootstrap($1,$2,coreservices_d);
+mach_bootstrap($1,$2,pbs_d);
+mach_bootstrap($1,$2,loginwindow_d);
+mach_bootstrap($1,$2,securityserver_d);
+mach_bootstrap($1,$2,windowserver_d);
+mach_bootstrap($1,$2,systemstarter_d); #???
+mach_bootstrap_register($1,$2);
+mach_bootstrap($1,$2,$2);
+allow_mach_ipc($1,securityserver_d);
+allow_mach_ipc($1,lookupd_d);
+allow_mach_ipc(pbs_d,$1);
+
+allow pbs_d $1:mach_port { send copy_send };
+mach_bootstrap_register(pbs_d,$2);
+mach_bootstrap(pbs_d,$2,coreservices_d);
+mach_bootstrap(pbs_d,$2,init_d) #???
+
+')
+
+user_sys_access(user_d,user_names_t);
+user_sys_access(user_secret_d,user_names_t); # can't use other names types yet
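Review bot: The second instantiation, `user_sys_access(user_secret_d,user_names_t);`, gives user_secret_d the same namespace type as user_d, so every `mach_bootstrap($1,$2,...)` and `mach_bootstrap_register($1,$2)` rule in the macro is granted to both domains on the same label. What those macros expand to is in global_macros.te, outside this diff, but as written the policy does not appear to separate the two domains at the bootstrap-name level, which matters now that the description says user_secret_d can run in enforcing mode. I would spell that out next to the call, e.g. `# XXX user_secret_d shares user_names_t with user_d: no name-service separation until user_secret_names_t is usable`. Separately, `mach_bootstrap_register(securityserver_d,boot_names_t);` inside the macro uses neither parameter and is emitted once per instantiation; it could stay outside the define.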