1107549Srwatson# $FreeBSD$ 2107549Srwatson# 3107549Srwatson# This is a sample LOMAC policy based upon the PLM defined in the 4107549Srwatson# original FreeBSD LOMAC port. It may be configured on a 5107549Srwatson# system via setfsmac(8). 6107549Srwatson 7107549Srwatson.* lomac/high 8107549Srwatson/sbin/dhclient lomac/high[low] 9107549Srwatson/dev(/.*)? lomac/equal 10107549Srwatson# This is not an exhaustive list of all "privileged" devices. 11107549Srwatson/dev/mdctl lomac/high 12107549Srwatson/dev/pci lomac/high 13107549Srwatson/dev/k?mem lomac/high 14107549Srwatson/dev/io lomac/high 15107549Srwatson/dev/agp.* lomac/high 16107549Srwatson(/var)?/tmp(/.*)? lomac/equal 17107549Srwatson/tmp/\.X11-unix lomac/high[equal] 18107549Srwatson/tmp/\.X11-unix/.* lomac/equal 19107549Srwatson/proc(/.*)? lomac/equal 20107549Srwatson/mnt.* lomac/low 21107549Srwatson(/usr)?/home lomac/high[low] 22107549Srwatson(/usr)?/home/.* lomac/low 23107549Srwatson/var/mail(/.*)? lomac/low 24107549Srwatson/var/spool/mqueue(/.*)? lomac/low 25107549Srwatson(/mnt)?/cdrom(/.*)? lomac/high 26107549Srwatson(/usr)?/home/(ftp|samba)(/.*)? lomac/high 27107549Srwatson/var/log/sendmail\.st lomac/low 28202756Sed/var/run/utx.active lomac/equal 29202756Sed/var/log/utx.(lastlogin|log) lomac/equal 30