| Nick Kralevich | a17a266 | 2014-11-05 15:30:41 -0800 | [diff] [blame] | 1 | # |
| 2 | # Common neverallow permissions |
| 3 | define(`no_w_file_perms', `{ append create link unlink relabelfrom rename setattr write }') |
| Nick Kralevich | acc0842 | 2015-03-11 12:44:27 -0700 | [diff] [blame] | 4 | define(`no_rw_file_perms', `{ no_w_file_perms open read ioctl lock }') |
| Nick Kralevich | a17a266 | 2014-11-05 15:30:41 -0800 | [diff] [blame] | 5 | define(`no_x_file_perms', `{ execute execute_no_trans }') |
| 6 | define(`no_w_dir_perms', `{ add_name create link relabelfrom remove_name rename reparent rmdir setattr write }') |