List of operations
Stephen Smalley
sds at tycho.nsa.gov
Mon Aug 8 13:19:20 UTC 2005
On Mon, 2005-08-08 at 08:30 -0400, Frank Mayer wrote:
> Göran Uddeborg wrote:
> > Is there some kind of documentation list over the available classes
> > and operations (permissions)?
>
> There's a paper on NSA's site that should help. Also we've been trying to
> keep exactly what you asked for at
> http://www.tresys.com/selinux/obj_perms_help.html. We intend to keep it up
> to date (it currently has a date of April), but there might be some minor
> changes not reflected.
The original set of classes and permissions were described in the report
available from
http://www.nsa.gov/selinux/papers/slinux-abs.cfm
That report described the classes and permissions and what permission
checks were applied for each syscall (the control requirements) for the
original SELinux kernel patch.
A subsequent report on the LSM-based SELinux available from
http://www.nsa.gov/selinux/papers/module-abs.cfm
describes changes from the original SELinux kernel patch and what
permission checks are applied for each LSM hook function. We have been
periodically updating that report, and its sources are included in the
selinux-doc tarball.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list