share/security/lomac-policy.contexts

   1 #
   2 # This is a sample LOMAC policy based upon the PLM defined in the
   3 # original FreeBSD LOMAC port.  It may be configured on a
   4 # system via setfsmac(8).
   5
   6 .*                              lomac/high
   7 /sbin/dhclient                  lomac/high[low]
   8 /dev(/.*)?                      lomac/equal
   9 # This is not an exhaustive list of all "privileged" devices.
  10 /dev/mdctl                      lomac/high
  11 /dev/pci                        lomac/high
  12 /dev/k?mem                      lomac/high
  13 /dev/io                         lomac/high
  14 /dev/agp.*                      lomac/high
  15 (/var)?/tmp(/.*)?               lomac/equal
  16 /tmp/\.X11-unix                 lomac/high[equal]
  17 /tmp/\.X11-unix/.*              lomac/equal
  18 /proc(/.*)?                     lomac/equal
  19 /mnt.*                          lomac/low
  20 (/usr)?/home                    lomac/high[low]
  21 (/usr)?/home/.*                 lomac/low
  22 /var/mail(/.*)?                 lomac/low
  23 /var/spool/mqueue(/.*)?         lomac/low
  24 (/mnt)?/cdrom(/.*)?             lomac/high
  25 (/usr)?/home/(ftp|samba)(/.*)?  lomac/high
  26 /var/log/sendmail\.st           lomac/low
  27 /var/run/utx.active             lomac/equal
  28 /var/log/utx.(lastlogin|log)    lomac/equal