share/security/lomac-policy.contexts

   1 # $FreeBSD$
   2 #
   3 # This is a sample LOMAC policy based upon the PLM defined in the
   4 # original FreeBSD LOMAC port.  It may be configured on a
   5 # system via setfsmac(8).
   6
   7 .*                              lomac/high
   8 /sbin/dhclient                  lomac/high[low]
   9 /dev(/.*)?                      lomac/equal
  10 # This is not an exhaustive list of all "privileged" devices.
  11 /dev/mdctl                      lomac/high
  12 /dev/pci                        lomac/high
  13 /dev/k?mem                      lomac/high
  14 /dev/io                         lomac/high
  15 /dev/agp.*                      lomac/high
  16 (/var)?/tmp(/.*)?               lomac/equal
  17 /tmp/\.X11-unix                 lomac/high[equal]
  18 /tmp/\.X11-unix/.*              lomac/equal
  19 /proc(/.*)?                     lomac/equal
  20 /mnt.*                          lomac/low
  21 (/usr)?/home                    lomac/high[low]
  22 (/usr)?/home/.*                 lomac/low
  23 /var/mail(/.*)?                 lomac/low
  24 /var/spool/mqueue(/.*)?         lomac/low
  25 (/mnt)?/cdrom(/.*)?             lomac/high
  26 (/usr)?/home/(ftp|samba)(/.*)?  lomac/high
  27 /var/log/sendmail\.st           lomac/low
  28 /var/run/utx.active             lomac/equal
  29 /var/log/utx.(lastlogin|log)    lomac/equal