lomac-policy.contexts revision 256281
113546Sjulian# $FreeBSD: stable/10/share/security/lomac-policy.contexts 202756 2010-01-21 17:25:12Z ed $ 235509Sjb# 313546Sjulian# This is a sample LOMAC policy based upon the PLM defined in the 413546Sjulian# original FreeBSD LOMAC port. It may be configured on a 513546Sjulian# system via setfsmac(8). 613546Sjulian 713546Sjulian.* lomac/high 813546Sjulian/sbin/dhclient lomac/high[low] 913546Sjulian/dev(/.*)? lomac/equal 1013546Sjulian# This is not an exhaustive list of all "privileged" devices. 1113546Sjulian/dev/mdctl lomac/high 1213546Sjulian/dev/pci lomac/high 1313546Sjulian/dev/k?mem lomac/high 1413546Sjulian/dev/io lomac/high 1513546Sjulian/dev/agp.* lomac/high 1613546Sjulian(/var)?/tmp(/.*)? lomac/equal 1713546Sjulian/tmp/\.X11-unix lomac/high[equal] 1813546Sjulian/tmp/\.X11-unix/.* lomac/equal 1913546Sjulian/proc(/.*)? lomac/equal 2013546Sjulian/mnt.* lomac/low 2113546Sjulian(/usr)?/home lomac/high[low] 2213546Sjulian(/usr)?/home/.* lomac/low 2349439Sdeischen/var/mail(/.*)? lomac/low 2413546Sjulian/var/spool/mqueue(/.*)? lomac/low 2513546Sjulian(/mnt)?/cdrom(/.*)? lomac/high 2613546Sjulian(/usr)?/home/(ftp|samba)(/.*)? lomac/high 2713546Sjulian/var/log/sendmail\.st lomac/low 2813546Sjulian/var/run/utx.active lomac/equal 2913546Sjulian/var/log/utx.(lastlogin|log) lomac/equal 3013546Sjulian