Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/share/doc/selinux-policy-2.4.6/html/ drwxr-xr-x | |
| Viewing file: Select action/file-type: Security Enhanced Linux Reference Policy
+
admin
-
application
- authlogin - clock - daemontools - fstools - getty - hostname - hotplug - init - ipsec - iptables - iscsi - libraries - locallogin - logging - lvm - miscfiles - modutils - mount - netlabel - pcmcia - raid - selinuxutil - setrans - sysnetwork - tzdata - udev - unconfined - userdomain - virtual - xen * Global Booleans * Global Tunables * Layer Index * Interface Index * Template Index Layer: systemModule: authloginInterfaces TemplatesDescription:Common policy for authentication and user login. Interfaces:
auth_append_faillog(
domain
)
SummaryAppend to the login failure log. Parameters
auth_append_lastlog(
domain
)
SummaryAppend only to the last logins log. Parameters
auth_append_login_records(
domain
)
SummaryAppend to login records (wtmp). Parameters
auth_can_read_shadow_passwords(
domain
)
SummaryPass shadow assertion for reading. Description
Pass shadow assertion for reading. This should only be used with auth_tunable_read_shadow(), and only exists because typeattribute does not work in conditionals.
Parameters
auth_delete_pam_console_data(
domain
)
SummaryDelete pam_console data. Parameters
auth_delete_pam_pid(
domain
)
SummaryDelete pam PID files. Parameters
auth_domtrans_chk_passwd(
domain
)
SummaryRun unix_chkpwd to check a password. Parameters
auth_domtrans_chkpwd(
domain
)
SummaryRun unix_chkpwd to check a password. Parameters
auth_domtrans_login_program(
domain
,
target_domain
)
SummaryExecute a login_program in the target domain. Parameters
auth_domtrans_pam(
domain
)
SummaryExecute pam programs in the pam domain. Parameters
auth_domtrans_pam_console(
domain
)
SummaryExecute pam_console with a domain transition. Parameters
auth_domtrans_upd_passwd(
domain
)
SummaryExecute a domain transition to run unix_update. Parameters
auth_domtrans_upd_passwd_chk(
domain
)
SummaryExecute a domain transition to run unix_update in Read Only Mode. Parameters
auth_domtrans_utempter(
domain
)
SummaryExecute utempter programs in the utempter domain. Parameters
auth_dontaudit_exec_utempter(
domain
)
SummaryDo not audit attemps to execute utempter executable. Parameters
auth_dontaudit_getattr_shadow(
domain
)
SummaryDo not audit attempts to get the attributes of the shadow passwords file. Parameters
auth_dontaudit_read_pam_pid(
domain
)
SummaryDo not audit attemps to read PAM PID files. Parameters
auth_dontaudit_read_shadow(
domain
)
SummaryDo not audit attempts to read the shadow password file (/etc/shadow). Parameters
auth_dontaudit_write_login_records(
domain
)
SummaryDo not audit attempts to write to login records files. Parameters
auth_etc_filetrans_shadow(
domain
)
SummaryAutomatic transition from etc to shadow. Parameters
auth_exec_pam(
domain
)
SummaryExecute the pam program. Parameters
auth_filetrans_cache(
domain
)
SummaryAutomatic transition from cache_t to cache. Parameters
auth_getattr_shadow(
domain
)
SummaryGet the attributes of the shadow passwords file. Parameters
auth_keyring_domain(
domain
)
SummaryMake the specified domain a keyring domain Parameters
auth_list_pam_console_data(
domain
)
SummaryList the contents of the pam_console data directory. Parameters
auth_log_filetrans_login_records(
domain
)
SummaryCreate a login records in the log directory using a type transition. Parameters
auth_login_entry_type(
domain
)
SummaryUse the login program as an entry point program. Parameters
auth_login_pgm_domain(
domain
)
SummaryMake the specified domain used for a login program. Parameters
auth_manage_all_files_except_shadow(
domain
,
exception_types
)
SummaryManage all files on the filesystem, except the shadow passwords and listed exceptions. Parameters
auth_manage_cache(
domain
)
SummaryManage authentication cache Parameters
auth_manage_login_records(
domain
)
SummaryCreate, read, write, and delete login records files. Parameters
auth_manage_pam_console_data(
domain
)
SummaryCreate, read, write, and delete pam_console data files. Parameters
auth_manage_pam_pid(
domain
)
SummaryManage pam PID files. Parameters
auth_manage_shadow(
domain
)
SummaryCreate, read, write, and delete the shadow password file. Parameters
auth_manage_var_auth(
domain
)
SummaryManage var auth files. Used by various other applications and pam applets etc. Parameters
auth_ranged_domtrans_login_program(
domain
,
target_domain
,
range
)
SummaryExecute a login_program in the target domain, with a range transition. Parameters
auth_read_all_dirs_except_shadow(
domain
,
exception_types
)
SummaryRead all directories on the filesystem, except the shadow passwords and listed exceptions. Parameters
auth_read_all_files_except_shadow(
domain
,
exception_types
)
SummaryRead all files on the filesystem, except the shadow passwords and listed exceptions. Parameters
auth_read_all_symlinks_except_shadow(
domain
,
exception_types
)
SummaryRead all symbolic links on the filesystem, except the shadow passwords and listed exceptions. Parameters
auth_read_cache(
domain
)
SummaryRead authentication cache Parameters
auth_read_key(
domain
)
Summaryread login keyrings. Parameters
auth_read_lastlog(
domain
)
SummaryRead the last logins log. Parameters
auth_read_login_records(
domain
)
SummaryRead login records files (/var/log/wtmp). Parameters
auth_read_pam_console_data(
domain
)
SummaryRead pam_console data files. Parameters
auth_read_pam_pid(
domain
)
SummaryRead PAM PID files. Parameters
auth_read_shadow(
domain
)
SummaryRead the shadow passwords file (/etc/shadow) Parameters
auth_relabel_all_files_except_shadow(
domain
,
exception_types
)
SummaryRelabel all files on the filesystem, except the shadow passwords and listed exceptions. Parameters
auth_relabel_shadow(
domain
)
SummaryRelabel from and to the shadow password file type. Parameters
auth_relabelto_shadow(
domain
)
SummaryRelabel to the shadow password file type. Parameters
auth_run_chk_passwd(
domain
,
role
,
terminal
)
SummaryExecute chkpwd programs in the chkpwd domain. Parameters
auth_run_pam(
domain
,
role
,
terminal
)
SummaryExecute pam programs in the PAM domain. Parameters
auth_run_upd_passwd(
domain
,
role
,
terminal
)
SummaryExecute updpwd programs in the updpwd domain. Parameters
auth_run_upd_passwd_chk(
domain
,
role
,
terminal
)
SummaryExecute updpwd programs in the chkpwd domain. Parameters
auth_run_utempter(
domain
,
role
,
terminal
)
SummaryExecute utempter programs in the utempter domain. Parameters
auth_rw_all_files_except_shadow(
domain
,
exception_types
)
Summaryrw all files on the filesystem, except the shadow passwords and listed exceptions. Parameters
auth_rw_cache(
domain
)
SummaryRead/Write authentication cache Parameters
auth_rw_faillog(
domain
)
SummaryRead and write the login failure log. Parameters
auth_rw_lastlog(
domain
)
SummaryRead and write to the last logins log. Parameters
auth_rw_login_records(
domain
)
SummaryRead and write login records. Parameters
auth_rw_shadow(
domain
)
SummaryRead and write the shadow password file (/etc/shadow). Parameters
auth_search_key(
domain
)
Summarysearch login keyrings. Parameters
auth_search_pam_console_data(
domain
)
SummarySearch the contents of the pam_console data directory. Parameters
auth_setattr_login_records(
domain
)
SummarySet the attributes of login record files. Parameters
auth_tunable_read_shadow(
domain
)
SummaryRead the shadow password file. Description
Read the shadow password file. This should only be used in a conditional; it does not pass the reading shadow assertion.
Parameters
auth_unconfined(
domain
)
SummaryUnconfined access to the authlogin module. Description
Unconfined access to the authlogin module.
Currently, this only allows assertions for the shadow passwords file (/etc/shadow) to be passed. No access is granted yet.
Parameters
auth_use_nsswitch(
domain
)
SummaryUse nsswitch to look up uid-username mappings. Parameters
auth_write_login_records(
domain
)
SummaryWrite to login records (wtmp). Parameters
Templates:
auth_domtrans_user_chk_passwd(
userdomain_prefix
,
domain
)
SummaryRun unix_chkpwd to check a password for a user domain. Description
Run unix_chkpwd to check a password for a user domain.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
authlogin_common_auth_domain_template(
userdomain_prefix
)
SummaryCommon template to create a domain for authentication. Description
This template creates a derived domain which is allowed to authenticate users by using PAM unix_chkpwd support.
Parameters
authlogin_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
SummaryThe per role template for the authlogin module. Description
This template creates a derived domain which is allowed to authenticate users by using PAM unix_chkpwd support. This domain will be used by any programs running in the user domain which use PAM to authenticate.
This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.
Parameters
|
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0826 ]-- |