In progress of refining the Tomoyo policies for process jailing; will define a set...
[iot2.git] / localconfig / tomoyo / SmartLightsController.tomoyo.pol
1 <kernel> /usr/sbin/sshd /bin/bash /home/iotuser/iot2/iotjava/iotruntime/ /usr/bin/java
2 use_profile 3
3 use_group 0
5 misc env MAIL
6 misc env SSH_CLIENT
7 misc env USER
8 misc env SHLVL
9 misc env HOME
10 misc env OLDPWD
11 misc env LOGNAME
12 misc env _
13 misc env XDG_SESSION_ID
14 misc env PATH
15 misc env XDG_RUNTIME_DIR
16 misc env LANG
17 misc env SHELL
18 misc env PWD
19 misc env SSH_CONNECTION
20 file read /etc/
21 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.so
22 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/\*.cfg
23 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/client/\*.so
24 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*
25 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar
26 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/ext/\*
27 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security/\*
28 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/arm/jli/\*.so
29 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.jar
30 file read /usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/\*.dat
31 network unix stream connect /var/run/nscd/socket
32 file read /etc/nsswitch.conf
33 file read /etc/passwd
34 file create /tmp/hsperfdata_iotuser/\* 0600
35 file read/write/unlink/truncate /tmp/hsperfdata_iotuser/\*
36 file read /sys/devices/system/cpu/online
37 file read /usr/lib/locale/locale-archive
38 file write/truncate /home/iotuser/.oracle_jre_usage/81970c018e7540cf.timestamp
39 file read /usr/share/java/\*.jar
40 file read /home/iotuser/iot2/iotjava/iotruntime/slave/\*.class
41 file read /home/iotuser/iot2/iotjava/iotruntime/\*.config
42 network inet stream connect ::ffff:<master-ip-address> <master-com-port>
43 file read /home/iotuser/iot2/iotjava/iotruntime/master/\*.class
44 file read /home/iotuser/iot2/iotjava/iotruntime/messages/\*.class
45 file read /dev/random
46 file read /dev/urandom
47 file create /home/iotuser/iot2/iotjava/iotruntime/SmartLightsController.jar 0666
48 file read/write /home/iotuser/iot2/iotjava/iotruntime/SmartLightsController.jar
49 file read /home/iotuser/iot2/iotjava/SmartLightsController/\*.class
50 file read /home/iotuser/iot2/iotjava/iotrmi/Java/\*.class
51 file ioctl socket:[family=10:type=1:protocol=6] 0x541B
52 file read /etc/timezone
53 file read /usr/share/locale/en_GB/LC_MESSAGES/
54 file create /tmp/imageio\*.tmp 0600
55 file read/write/unlink /tmp/imageio\*.tmp
56 file read/write /tmp/imageio\*.tmp