* antivir policy
@ 2005-11-03 17:08 shintarou_fujiwara
0 siblings, 0 replies; only message in thread
From: shintarou_fujiwara @ 2005-11-03 17:08 UTC (permalink / raw)
To: selinux mailing list
[-- Attachment #1: Type: text/plain, Size: 155 bytes --]
Hi, again from Japan.
I've written down antivir policy for antivir users.
Antivir is downloadable from here.
http://www.free-av.com/
shintarou_fujiwara
[-- Attachment #2: antivir.fc --]
[-- Type: application/octet-stream, Size: 537 bytes --]
####################for antivir###########################################
/usr/lib/AntiVir -d system_u:object_r:antivir_home_t
/usr/lib/AntiVir/antivir system_u:object_r:antivir_exec_t
/usr/lib/AntiVir/antivir\.vdf system_u:object_r:antivir_pattern_file_t
/usr/lib/AntiVir/avupdater system_u:object_r:antivir_bin_t
/usr/lib/AntiVir/configantivir system_u:object_r:antivir_bin_t
/etc/antivir\.conf system_u:object_r:antivir_conf_t
/etc/avguard\.conf system_u:object_r:antivir_conf_t
[-- Attachment #3: antivir.te --]
[-- Type: application/octet-stream, Size: 1635 bytes --]
#############for antivir###############
daemon_domain(antivir,`,auth_chkpwd')
can_network(antivir_t)
can_exec(antivir_t,bin_t)
can_exec(antivir_t,sbin_t)
can_exec(antivir_t,mount_exec_t)
tmp_domain(antivir)
lock_domain(antivir)
###############types##############################
type antivir_home_t, file_type, sysadmfile;
type antivir_bin_t, file_type, sysadmfile, exec_type;
type antivir_pattern_file_t, file_type, sysadmfile;
type antivir_conf_t, file_type, sysadmfile;
type antivir_var_log_t, file_type, sysadmfile;
################basic policy############################
allow antivir_t antivir_conf_t:file r_file_perms;
allow antivir_t antivir_home_t:dir r_dir_perms;
allow antivir_t antivir_pattern_file_t:file r_file_perms;
allow antivir_t self:fifo_file rw_file_perms;
allow antivir_t var_log_t:file ra_file_perms;
###########so that antivir can check dir########################
allow antivir_t boot_t:dir r_dir_perms;
allow antivir_t bin_t:dir r_dir_perms;
allow antivir_t sbin_t:dir r_dir_perms;
allow antivir_t default_t:dir r_dir_perms;
allow antivir_t home_root_t:dir r_dir_perms;
allow antivir_t lost_found_t:dir r_dir_perms;
allow antivir_t mnt_t:dir r_dir_perms;
allow antivir_t security_t:dir r_dir_perms;
allow antivir_t sysadm_home_dir_t:dir r_dir_perms;
allow antivir_t var_log_t:dir r_dir_perms;
#######################others################################
allow antivir_t antivir_t:unix_dgram_socket { connect write create };
allow antivir_t etc_runtime_t:file r_file_perms;
allow antivir_t etc_t:file r_file_perms;
allow antivir_t proc_t:file r_file_perms;
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-11-03 17:13 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-11-03 17:08 antivir policy shintarou_fujiwara
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.