On Mon, 2005-08-08 at 08:30 -0400, Frank Mayer wrote: > Göran Uddeborg wrote: > > Is there some kind of documentation list over the available classes > > and operations (permissions)? > > There's a paper on NSA's site that should help. Also we've been trying to > keep exactly what you asked for at > http://www.tresys.com/selinux/obj_perms_help.html. We intend to keep it up > to date (it currently has a date of April), but there might be some minor > changes not reflected. The original set of classes and permissions were described in the report available from http://www.nsa.gov/selinux/papers/slinux-abs.cfm That report described the classes and permissions and what permission checks were applied for each syscall (the control requirements) for the original SELinux kernel patch. A subsequent report on the LSM-based SELinux available from http://www.nsa.gov/selinux/papers/module-abs.cfm describes changes from the original SELinux kernel patch and what permission checks are applied for each LSM hook function. We have been periodically updating that report, and its sources are included in the selinux-doc tarball. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
