udica-templates: initial commit of udica templates

Signed-off-by: Kenton Groombridge <me@concord.sh> Signed-off-by: Jason Zaman <perfinion@gentoo.org>
author: Kenton Groombridge <me@concord.sh> 2022-02-03 11:07:11 -0500
committer: Jason Zaman <perfinion@gentoo.org> 2022-09-03 11:41:55 -0700
commit: 0badc3e5eb974a3427113368cf45198e1412b4b7 (patch)
tree: 44409b3bcff2554749b2025483e3c9db4ec80ad8 /udica-templates/tty_container.cil
parent: Add a vulnerability handling process. (diff)
download: hardened-refpolicy-0badc3e5eb974a3427113368cf45198e1412b4b7.tar.gz
hardened-refpolicy-0badc3e5eb974a3427113368cf45198e1412b4b7.tar.bz2
hardened-refpolicy-0badc3e5eb974a3427113368cf45198e1412b4b7.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/udica-templates/tty_container.cil b/udica-templates/tty_container.cil
new file mode 100644
index 000000000..b460dfe43
--- /dev/null
+++ b/udica-templates/tty_container.cil
@@ -0,0 +1,10 @@
+(block tty_container
+	(blockabstract tty_container)
+
+	(optional tty_container_optional
+		(allow process device_t list_dir_perms)
+		(allow process device_t read_lnk_file_perms)
+
+		(allow process devtty_t rw_chr_file_perms)
+	)
+)
author	Kenton Groombridge <me@concord.sh>	2022-02-03 11:07:11 -0500
committer	Jason Zaman <perfinion@gentoo.org>	2022-09-03 11:41:55 -0700
commit	0badc3e5eb974a3427113368cf45198e1412b4b7 (patch)
tree	44409b3bcff2554749b2025483e3c9db4ec80ad8 /udica-templates/tty_container.cil
parent	Add a vulnerability handling process. (diff)
download	hardened-refpolicy-0badc3e5eb974a3427113368cf45198e1412b4b7.tar.gz hardened-refpolicy-0badc3e5eb974a3427113368cf45198e1412b4b7.tar.bz2 hardened-refpolicy-0badc3e5eb974a3427113368cf45198e1412b4b7.zip