Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/share/doc/selinux-policy-2.4.6/html/ drwxr-xr-x | |
| Viewing file: Select action/file-type: Security Enhanced Linux Reference Policy
+
admin
-
acct
+
apps
- alsa - amanda - amtu - anaconda - apt - backup - bootloader - brctl - certwatch - consoletype - ddcprobe - dmesg - dmidecode - dpkg - firstboot - kudzu - logrotate - logwatch - mrtg - netutils - portage - prelink - quota - readahead - rpm - su - sudo - sxid - tmpreaper - tripwire - updfstab - usbmodules - usermanage - vbetool - vpn
-
ada
+
kernel
- authbind - calamaris - cdrecord - ethereal - evolution - games - gift - gnome - gpg - guest - irc - java - loadkeys - lockdev - mono - mozilla - mplayer - qemu - rssh - screen - slocate - thunderbird - tvtime - uml - userhelper - usernetctl - vmware - webalizer - wine - yam
-
corecommands
+
services
- corenetwork - devices - domain - files - filesystem - kernel - mcs - mls - selinux - storage - terminal
-
afs
+
system
- aide - aisexec - amavis - apache - apm - arpwatch - asterisk - audioentropy - automount - avahi - bind - bluetooth - canna - ccs - cipe - clamav - clockspeed - clogd - comsat - courier - cpucontrol - cron - cups - cvs - cyrus - dante - dbskk - dbus - dcc - ddclient - dhcp - dictd - distcc - djbdns - dnsmasq - dovecot - exim - fail2ban - fetchmail - finger - ftp - gatekeeper - gpm - hal - howl - i18n_input - imaze - inetd - inn - ircd - irqbalance - jabber - kerberos - ktalk - ldap - lpd - mailman - milter - monop - mta - munin - mysql - nagios - nessus - networkmanager - nis - nscd - nsd - ntop - ntp - nx - oav - oddjob - openca - openct - openvpn - pcscd - pegasus - perdition - pki - portmap - portslave - postfix - postgresql - postgrey - ppp - prelude - privoxy - procmail - publicfile - pxe - pyzor - qmail - radius - radvd - razor - rdisc - remotelogin - resmgr - rgmanager - rhcs - rhgb - ricci - rlogin - roundup - rpc - rshd - rsync - samba - sasl - sendmail - setroubleshoot - slrnpull - smartmon - snmp - snort - soundserver - spamassassin - speedtouch - squid - ssh - stunnel - sysstat - tcpd - telnet - tftp - timidity - tor - transproxy - ucspitcp - uptime - uucp - uwimap - vhostmd - virt - watchdog - xfs - xprint - xserver - zebra - zosremote
-
application
- authlogin - clock - daemontools - fstools - getty - hostname - hotplug - init - ipsec - iptables - iscsi - libraries - locallogin - logging - lvm - miscfiles - modutils - mount - netlabel - pcmcia - raid - selinuxutil - setrans - sysnetwork - tzdata - udev - unconfined - userdomain - virtual - xen * Global Booleans * Global Tunables * Layer Index * Interface Index * Template Index Master template index:
Module:
apache
Layer:
services
apache_content_template(
prefix
)
Create a set of derived types for apache web content.
Module:
apache
Layer:
services
apache_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the apache module.
Module:
apache
Layer:
services
apache_read_user_content(
domain_prefix
,
domain
)
Read user web content.
Module:
apache
Layer:
services
apache_read_user_scripts(
domain_prefix
,
domain
)
Read httpd user scripts executables.
Module:
authlogin
Layer:
system
auth_domtrans_user_chk_passwd(
userdomain_prefix
,
domain
)
Run unix_chkpwd to check a password for a user domain.
Module:
authlogin
Layer:
system
authlogin_common_auth_domain_template(
userdomain_prefix
)
Common template to create a domain for authentication.
Module:
authlogin
Layer:
system
authlogin_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the authlogin module.
Module:
cdrecord
Layer:
apps
cdrecord_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the cdrecord module.
Module:
clockspeed
Layer:
services
clockspeed_run_cli(
domain
,
role
,
terminal
)
Allow the specified role the clockspeed_cli domain.
Module:
courier
Layer:
services
courier_domain_template(
prefix
)
Template for creating courier server processes.
Module:
cron
Layer:
services
cron_admin_template(
userdomain_prefix
)
The administrative functions template for the cron module.
Module:
cron
Layer:
services
cron_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the cron module.
Module:
dbus
Layer:
services
dbus_connectto_user_bus(
domain_prefix
,
domain
)
connectto a message on user/application specific DBUS.
Module:
dbus
Layer:
services
dbus_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the dbus module.
Module:
dbus
Layer:
services
dbus_send_user_bus(
domain_prefix
,
domain
)
Send a message on user/application specific DBUS.
Module:
dbus
Layer:
services
dbus_system_bus_client_template(
domain_prefix
,
domain
)
Template for creating connections to the system DBUS.
Module:
dbus
Layer:
services
dbus_user_bus_client_template(
user_prefix
,
domain_prefix
,
domain
)
Template for creating connections to a user DBUS.
Module:
djbdns
Layer:
services
djbdns_daemontools_domain_template(
prefix
)
Create a set of derived types for djbdns components that are directly supervised by daemontools.
Module:
ethereal
Layer:
apps
ethereal_admin_template(
userdomain_prefix
,
user_domain
)
The administrative functions template for the ethereal module.
Module:
ethereal
Layer:
apps
ethereal_domtrans_tethereal(
domain
)
Run tethereal in the tethereal domain.
Module:
ethereal
Layer:
apps
ethereal_domtrans_user_ethereal(
userdomain_prefix
,
domain
)
Run ethereal in ethereal domain.
Module:
ethereal
Layer:
apps
ethereal_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the ethereal module.
Module:
evolution
Layer:
apps
evolution_home_filetrans(
prefix
,
domain
,
object
)
Create objects in users evolution home folders.
Module:
evolution
Layer:
apps
evolution_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the evolution module.
Module:
evolution
Layer:
apps
evolution_stream_connect(
userdomain_prefix
,
domain
)
Connect to user evolution unix stream socket.
Module:
ftp
Layer:
services
ftp_per_role_template(
userdomain_prefix
)
The per role template for the ftp module.
Module:
games
Layer:
apps
games_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the games module.
Module:
gift
Layer:
apps
gift_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the gift module.
Module:
gnome
Layer:
apps
gnome_domtrans_user_gconf(
userdomain_prefix
,
domain
)
Run gconfd in the role-specific gconfd domain.
Module:
gnome
Layer:
apps
gnome_gconf_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the gnome gconf module.
Module:
gnome
Layer:
apps
gnome_manage_user_gnome_config(
userdomain_prefix
,
user_domain
)
manage gnome homedir content (.config)
Module:
gnome
Layer:
apps
gnome_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the gnome module.
Module:
gnome
Layer:
apps
gnome_read_user_gnome_config(
userdomain_prefix
,
user_domain
)
read gnome homedir content (.config)
Module:
gnome
Layer:
apps
gnome_stream_connect_gconf_template(
userdomain_prefix
,
user_domain
)
gconf connection template.
Module:
gpg
Layer:
apps
gpg_domtrans_user_gpg(
userdomain_prefix
,
domain
)
Transition to a user gpg domain.
Module:
gpg
Layer:
apps
gpg_per_role_template(
userdomain_prefix
,
userdomain
,
role
)
The per role template for the gpg module.
Module:
gpg
Layer:
apps
gpg_signal_user_gpg(
userdomain_prefix
,
domain
)
Send generic signals to user gpg processes.
Module:
irc
Layer:
apps
irc_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the irc module.
Module:
java
Layer:
apps
java_domtrans_user_javaplugin(
userdomain_prefix
,
domain
)
Run java in javaplugin domain.
Module:
java
Layer:
apps
java_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the java module.
Module:
kerberos
Layer:
services
kerberos_keytab_template(
prefix
,
domain
)
Create a derived type for kerberos keytab
Module:
lockdev
Layer:
apps
lockdev_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the lockdev module.
Module:
lpd
Layer:
services
lpd_domtrans_user_lpr(
userdomain_prefix
,
domain
)
Transition to a user lpr domain.
Module:
lpd
Layer:
services
lpd_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the lpd module.
Module:
lpd
Layer:
services
lpr_admin_template(
userdomain_prefix
)
The administrative functions template for the lpd module.
Module:
mailman
Layer:
services
mailman_domain_template(
userdomain_prefix
)
The template to define a mailmain domain.
Module:
milter
Layer:
services
milter_template(
milter_name
)
Create a set of derived types for various mail filter applications using the milter interface.
Module:
mozilla
Layer:
apps
mozilla_domtrans_user_mozilla(
userdomain_prefix
,
domain
)
Run mozilla in user mozilla domain.
Module:
mozilla
Layer:
apps
mozilla_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the mozilla module.
Module:
mozilla
Layer:
apps
mozilla_read_user_home_files(
userdomain_prefix
,
domain
)
Read mozilla per user homedir
Module:
mozilla
Layer:
apps
mozilla_rw_user_tcp_sockets(
userdomain_prefix
,
domain
)
read/write mozilla per user tcp_socket
Module:
mozilla
Layer:
apps
mozilla_write_user_home_files(
userdomain_prefix
,
domain
)
write mozilla per user homedir
Module:
mplayer
Layer:
apps
mplayer_domtrans_user_mplayer(
userdomain_prefix
,
domain
)
Run mplayer in mplayer domain.
Module:
mplayer
Layer:
apps
mplayer_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the mplayer module.
Module:
mplayer
Layer:
apps
mplayer_read_user_home_files(
userdomain_prefix
,
domain
)
Read mplayer per user homedir
Module:
mta
Layer:
services
mta_admin_template(
userdomain_prefix
,
user_domain
)
Provide extra permissions for admin users mail domain.
Module:
mta
Layer:
services
mta_base_mail_template(
domain_prefix
)
Basic mail transfer agent domain template.
Module:
mta
Layer:
services
mta_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the mta module.
Module:
pki
Layer:
services
pki_ca_template(
prefix
)
Create a set of derived types for apache web content.
Module:
pki
Layer:
services
pki_ra_template(
prefix
)
Create a set of derived types for apache web content.
Module:
postfix
Layer:
services
postfix_domain_template(
prefix
)
Creates types and rules for a basic postfix process domain.
Module:
postfix
Layer:
services
postfix_per_role_template(
prefix
,
user_domain
)
The per role template for the postfix module.
Module:
postfix
Layer:
services
postfix_server_domain_template(
prefix
)
Creates a postfix server process domain.
Module:
postfix
Layer:
services
postfix_user_domain_template(
prefix
)
Creates a process domain for programs that are ran by users.
Module:
pyzor
Layer:
services
pyzor_per_role_template(
userdomain_prefix
)
The per role template for the pyzor module.
Module:
qemu
Layer:
apps
qemu_domain_template(
prefix
)
Creates types and rules for a basic qemu process domain.
Module:
qemu
Layer:
apps
qemu_role(
userdomain_prefix
,
user_role
,
user_domain
)
The per role template for the qemu module.
Module:
qmail
Layer:
services
qmail_child_domain_template(
child_prefix
,
parent_domain
)
Template for qmail parent/sub-domain pairs
Module:
qmail
Layer:
services
qmail_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for qmail
Module:
razor
Layer:
services
razor_common_domain_template(
prefix
)
Template to create types and rules common to all razor domains.
Module:
razor
Layer:
services
razor_manage_user_home_files(
userdomain_prefix
,
domain
)
Create, read, write, and delete razor files in a user home subdirectory.
Module:
razor
Layer:
services
razor_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the razor module.
Module:
rhcs
Layer:
services
rhcs_domain_template(
prefix
)
Creates types and rules for a basic cluster init daemon domain.
Module:
rpc
Layer:
services
rpc_domain_template(
userdomain_prefix
)
The template to define a rpc domain.
Module:
rssh
Layer:
apps
rssh_per_role_template(
userdomain_prefix
)
The per role template for the rssh module.
Module:
samba
Layer:
services
samba_per_role_template(
userdomain_prefix
)
The per role template for the samba module.
Module:
screen
Layer:
apps
screen_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the screen module.
Module:
spamassassin
Layer:
services
spamassassin_domtrans_user_client(
prefix
,
domain
)
Execute spamassassin client in the user spamassassin client domain.
Module:
spamassassin
Layer:
services
spamassassin_domtrans_user_local_client(
prefix
,
domain
)
Execute spamassassin in the user spamassassin domain.
Module:
spamassassin
Layer:
services
spamassassin_manage_user_home_files(
userdomain_prefix
,
domain
)
Read spamassassin per user homedir
Module:
spamassassin
Layer:
services
spamassassin_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the spamassassin module.
Module:
spamassassin
Layer:
services
spamassassin_read_user_home_files(
userdomain_prefix
,
domain
)
Read spamassassin per user homedir
Module:
ssh
Layer:
services
ssh_basic_client_template(
userdomain_prefix
,
user_domain
,
user_role
)
Basic SSH client template.
Module:
ssh
Layer:
services
ssh_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the ssh module.
Module:
ssh
Layer:
services
ssh_server_template(
userdomain_prefix
)
The template to define a ssh server.
Module:
su
Layer:
admin
su_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the su module.
Module:
su
Layer:
admin
su_restricted_domain_template(
userdomain_prefix
,
user_domain
,
user_role
)
Restricted su domain template.
Module:
sudo
Layer:
admin
sudo_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the sudo module.
Module:
thunderbird
Layer:
apps
thunderbird_domtrans_user_thunderbird(
userdomain_prefix
,
domain
)
Run thunderbird in user thunderbird domain.
Module:
thunderbird
Layer:
apps
thunderbird_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the thunderbird module.
Module:
tvtime
Layer:
apps
tvtime_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the tvtime module.
Module:
uml
Layer:
apps
uml_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the uml module.
Module:
userdomain
Layer:
system
userdom_admin_user_template(
userdomain_prefix
)
The template for creating an administrative user.
Module:
userdomain
Layer:
system
userdom_base_user_template(
userdomain_prefix
)
The template containing the most basic rules common to all users.
Module:
userdomain
Layer:
system
userdom_basic_networking_template(
userdomain_prefix
)
The template allowing the user basic network permissions
Module:
userdomain
Layer:
system
userdom_change_password_template(
userdomain_prefix
)
The template for allowing the user to change passwords.
Module:
userdomain
Layer:
system
userdom_common_user_template(
userdomain_prefix
)
The template containing rules common to unprivileged users and administrative users.
Module:
userdomain
Layer:
system
userdom_create_user_pty(
userdomain_prefix
,
domain
)
Create a user pty.
Module:
userdomain
Layer:
system
userdom_dontaudit_append_user_tmp_files(
userdomain_prefix
,
domain
)
Do not audit attempts to append users temporary files.
Module:
userdomain
Layer:
system
userdom_dontaudit_exec_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to execute user home files.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_home_dirs(
userdomain_prefix
,
domain
)
Do not audit attempts to list user home subdirectories.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_tmp(
userdomain_prefix
,
domain
)
Do not audit attempts to list user temporary directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_tmp_untrusted_content(
userdomain_prefix
,
domain
)
Do not audit attempts to list user temporary untrusted directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_untrusted_content(
userdomain_prefix
,
domain
)
Do not audit attempts to list user untrusted directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_manage_user_home_content_dirs(
userdomain_prefix
,
domain
)
Do not audit attempts to create, read, write, and delete directories in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_dontaudit_manage_user_tmp_dirs(
userdomain_prefix
,
domain
)
Do not audit attempts to manage users temporary directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_manage_user_tmp_files(
userdomain_prefix
,
domain
)
Do not audit attempts to manage users temporary files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read user home files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_tmp_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read users temporary files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_tmp_untrusted_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read users temporary untrusted files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_untrusted_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read users untrusted files.
Module:
userdomain
Layer:
system
userdom_dontaudit_setattr_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to set the attributes of user home files.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_user_terminals(
userdomain_prefix
,
domain
)
Do not audit attempts to read and write a user domain tty and pty.
Module:
userdomain
Layer:
system
userdom_dontaudit_write_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to write user home files.
Module:
userdomain
Layer:
system
userdom_exec_generic_pgms_template(
userdomain_prefix
)
The template allowing the user to execute generic programs, such as those found in /bin, /sbin, /usr/bin, and /usr/sbin.
Module:
userdomain
Layer:
system
userdom_exec_home_template(
userdomain_prefix
)
The template for allowing the user to execute files in their home directory.
Module:
userdomain
Layer:
system
userdom_exec_tmp_template(
userdomain_prefix
)
The template for execute access to the user temporary files.
Module:
userdomain
Layer:
system
userdom_exec_user_home_content_files(
userdomain_prefix
,
domain
)
Execute user home files.
Module:
userdomain
Layer:
system
userdom_list_user_home_dirs(
userdomain_prefix
,
domain
)
List user home directories.
Module:
userdomain
Layer:
system
userdom_list_user_tmp(
userdomain_prefix
,
domain
)
List user temporary directories.
Module:
userdomain
Layer:
system
userdom_list_user_tmp_untrusted_content(
userdomain_prefix
,
domain
)
List users temporary untrusted directories.
Module:
userdomain
Layer:
system
userdom_list_user_untrusted_content(
userdomain_prefix
,
domain
)
List users untrusted directories.
Module:
userdomain
Layer:
system
userdom_login_user_template(
userdomain_prefix
)
The template for creating a login user.
Module:
userdomain
Layer:
system
userdom_manage_home_template(
userdomain_prefix
)
The template for creating a home directory that the user has full access.
Module:
userdomain
Layer:
system
userdom_manage_tmp_template(
userdomain_prefix
)
The template for full access to the temporary directories.
Module:
userdomain
Layer:
system
userdom_manage_tmpfs_template(
userdomain_prefix
)
The template for creating a tmpfs type that the user has full access.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_dirs(
userdomain_prefix
,
domain
)
Create, read, write, and delete directories in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_files(
userdomain_prefix
,
domain
)
Create, read, write, and delete files in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_pipes(
userdomain_prefix
,
domain
)
Create, read, write, and delete named pipes in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_sockets(
userdomain_prefix
,
domain
)
Create, read, write, and delete named sockets in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_symlinks(
userdomain_prefix
,
domain
)
Create, read, write, and delete symbolic links in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_dirs(
userdomain_prefix
,
domain
)
Create, read, write, and delete user temporary directories.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_files(
userdomain_prefix
,
domain
)
Create, read, write, and delete user temporary files.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_pipes(
userdomain_prefix
,
domain
)
Create, read, write, and delete user temporary named pipes.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_sockets(
userdomain_prefix
,
domain
)
Create, read, write, and delete user temporary named sockets.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_symlinks(
userdomain_prefix
,
domain
)
Create, read, write, and delete user temporary symbolic links.
Module:
userdomain
Layer:
system
userdom_manage_user_untrusted_content_files(
userdomain_prefix
,
domain
)
Manage user untrusted files.
Module:
userdomain
Layer:
system
userdom_poly_home_template(
userdomain_prefix
)
The template for polyinstantiating a user home directory.
Module:
userdomain
Layer:
system
userdom_poly_tmp_template(
userdomain_prefix
)
The template for a polyinstantiated temporary directory.
Module:
userdomain
Layer:
system
userdom_privhome_user_template(
userdomain_prefix
)
The template for creating a unprivileged user.
Module:
userdomain
Layer:
system
userdom_read_user_home_content_files(
userdomain_prefix
,
domain
)
Read user home files.
Module:
userdomain
Layer:
system
userdom_read_user_home_content_symlinks(
userdomain_prefix
,
domain
)
Read user home subdirectory symbolic links.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_files(
userdomain_prefix
,
domain
)
Read user temporary files.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_symlinks(
userdomain_prefix
,
domain
)
Read user temporary symbolic links.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_untrusted_content_files(
userdomain_prefix
,
domain
)
Read user temporary untrusted files.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_untrusted_content_symlinks(
userdomain_prefix
,
domain
)
Read user temporary untrusted symbolic links.
Module:
userdomain
Layer:
system
userdom_read_user_tmpfs_files(
userdomain_prefix
)
The template for creating a tmpfs type that the user has full access.
Module:
userdomain
Layer:
system
userdom_read_user_untrusted_content_files(
userdomain_prefix
,
domain
)
Read user untrusted files.
Module:
userdomain
Layer:
system
userdom_read_user_untrusted_content_symlinks(
userdomain_prefix
,
domain
)
Read user untrusted symbolic links.
Module:
userdomain
Layer:
system
userdom_restricted_user_template(
userdomain_prefix
)
The template for creating a unprivileged login user.
Module:
userdomain
Layer:
system
userdom_ro_home_template(
userdomain_prefix
)
The template for creating a home directory that the user has read-only access.
Module:
userdomain
Layer:
system
userdom_role_change_auditadm(
prefix
)
Change to the auditadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_auditadm(
prefix
)
Change from the auditadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_generic_user(
prefix
)
Change from the generic user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_secadm(
prefix
)
Change from the secadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_staff(
prefix
)
Change from the staff user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_sysadm(
prefix
)
Change from the sysadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_generic_user(
prefix
)
Change to the generic user role.
Module:
userdomain
Layer:
system
userdom_role_change_secadm(
prefix
)
Change to the secadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_sysadm(
prefix
)
Change to the sysadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_template(
userdomain_prefix
)
The template for allowing the user to change roles.
Module:
userdomain
Layer:
system
userdom_rw_user_tmp_files(
userdomain_prefix
,
domain
)
Read and write user temporary files.
Module:
userdomain
Layer:
system
userdom_rw_user_tmpfs_files(
userdomain_prefix
,
domain
)
Read user tmpfs files.
Module:
userdomain
Layer:
system
userdom_search_user_home_dirs(
userdomain_prefix
,
domain
)
Search user home directories.
Module:
userdomain
Layer:
system
userdom_security_administrator(
userdomain_prefix
,
domain
,
role
,
object_class
)
Allow user to run as a secadm
Module:
userdomain
Layer:
system
userdom_setattr_user_ptys(
userdomain_prefix
,
domain
)
Set the attributes of a user pty.
Module:
userdomain
Layer:
system
userdom_setattr_user_ttys(
userdomain_prefix
,
domain
)
Set the attributes of a user domain tty.
Module:
userdomain
Layer:
system
userdom_tmp_filetrans_user_tmp(
userdomain_prefix
,
domain
,
object_class
)
Create objects in the temporary directory with an automatic type transition to the user temporary type.
Module:
userdomain
Layer:
system
userdom_transition_user_tmp(
userdomain_prefix
,
domain
,
class
)
Manage and create all files in /tmp on behalf of the user
Module:
userdomain
Layer:
system
userdom_unpriv_user_template(
userdomain_prefix
)
The template for creating a unprivileged user.
Module:
userdomain
Layer:
system
userdom_untrusted_content_template(
userdomain_prefix
)
The template for creating a set of types for untrusted content.
Module:
userdomain
Layer:
system
userdom_use_user_terminals(
userdomain_prefix
,
domain
)
Read and write a user domain tty and pty.
Module:
userdomain
Layer:
system
userdom_use_user_ttys(
userdomain_prefix
,
domain
)
Read and write a user domain tty.
Module:
userdomain
Layer:
system
userdom_user_home_content(
userdomain_prefix
,
type
)
Make the specified type usable in a user home directory.
Module:
userdomain
Layer:
system
userdom_user_home_dir_filetrans(
userdomain_prefix
,
domain
,
private_type
,
object_class
)
Create objects in a user home directory with an automatic type transition to a specified private type.
Module:
userdomain
Layer:
system
userdom_user_home_dir_filetrans_user_home_content(
userdomain_prefix
,
domain
,
object_class
)
Create objects in a user home directory with an automatic type transition to the user home file type.
Module:
userdomain
Layer:
system
userdom_user_home_domtrans(
userdomain_prefix
,
source_domain
,
target_domain
)
Do a domain transition to the specified domain when executing a program in the user home directory.
Module:
userdomain
Layer:
system
userdom_user_tmp_filetrans(
userdomain_prefix
,
domain
,
private_type
,
object_class
)
Create objects in a user temporary directory with an automatic type transition to a specified private type.
Module:
userdomain
Layer:
system
userdom_write_user_tmp_sockets(
userdomain_prefix
,
domain
)
Write to user temporary named sockets.
Module:
userdomain
Layer:
system
userdom_xwindows_client_template(
userdomain_prefix
)
The template for creating a user xwindows client.
Module:
userhelper
Layer:
apps
userhelper_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the userhelper module.
Module:
userhelper
Layer:
apps
userhelper_sigchld_user(
prefix
,
domain
)
Allow domain to send sigchld to userhelper.
Module:
userhelper
Layer:
apps
userhelper_use_user_fd(
prefix
,
domain
)
Allow domain to use userhelper file descriptor.
Module:
virt
Layer:
services
virt_domain_template(
prefix
)
Creates types and rules for a basic qemu process domain.
Module:
vmware
Layer:
apps
vmware_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the vmware module.
Module:
xserver
Layer:
services
xserver_common_domain_template(
prefix
)
Template to create types and rules common to all X server domains.
Module:
xserver
Layer:
services
xserver_domtrans_user_xauth(
userdomain_prefix
,
domain
)
Transition to a user Xauthority domain.
Module:
xserver
Layer:
services
xserver_per_role_template(
prefix
,
user_domain
,
user_role
)
The per role template for the xserver module.
Module:
xserver
Layer:
services
xserver_read_user_iceauth(
userdomain_prefix
,
domain
)
Read a user Iceauthority domain.
Module:
xserver
Layer:
services
xserver_read_user_xauth(
userdomain_prefix
,
domain
)
Read a user Xauthority domain.
Module:
xserver
Layer:
services
xserver_ro_session_template(
prefix
,
domain
,
tmpfs_type
)
Template for creating sessions on a prefix X server, with read-only access to the X server shared memory segments.
Module:
xserver
Layer:
services
xserver_rw_session_template(
prefix
,
domain
,
tmpfs_type
)
Template for creating sessions on a prefix X server, with read and write access to the X server shared memory segments.
Module:
xserver
Layer:
services
xserver_use_user_fonts(
userdomain_prefix
,
domain
)
Read user fonts, user font configuration, and manage the user font cache. |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0178 ]-- |