Xen project Mailing List

Re: [Xen-devel] [PATCH 06/15] flask/policy: remove unused example

To: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

From: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>

Date: Fri, 17 Jun 2016 11:34:59 -0400

Delivery-date: Fri, 17 Jun 2016 15:35:06 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Thu, Jun 09, 2016 at 10:47:09AM -0400, Daniel De Graaf wrote: > The access vectors defined here have never been used by xenstore. > > Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> > --- > tools/flask/policy/policy/access_vectors | 23 ++--------------------- > tools/flask/policy/policy/security_classes | 1 - > 2 files changed, 2 insertions(+), 22 deletions(-) > > diff --git a/tools/flask/policy/policy/access_vectors > b/tools/flask/policy/policy/access_vectors > index 4fd61f1..d9c69c0 100644 > --- a/tools/flask/policy/policy/access_vectors > +++ b/tools/flask/policy/policy/access_vectors > @@ -1,24 +1,5 @@ > # Locally defined access vectors > # > -# Define access vectors for the security classes defined in security_classes > +# Define access vectors for the security classes defined in security_classes. > +# Access vectors defined in this file should not be used by the hypervisor. > # > - > -# Note: this is an example; the xenstore daemon provided with Xen does > -# not yet include XSM support, and the exact permissions may be defined > -# differently if such support is added. > -class xenstore { > - # read from keys owned by the target domain (if permissions allow) > - read > - # write to keys owned by the target domain (if permissions allow) > - write > - # change permissions of a key owned by the target domain > - chmod > - # change the owner of a key which was owned by the target domain > - chown_from > - # change the owner of a key to the target domain > - chown_to > - # access a key owned by the target domain without permission > - override > - # introduce a domain > - introduce > -} > diff --git a/tools/flask/policy/policy/security_classes > b/tools/flask/policy/policy/security_classes > index 56595e8..0f0f9f3 100644 > --- a/tools/flask/policy/policy/security_classes > +++ b/tools/flask/policy/policy/security_classes > @@ -5,4 +5,3 @@ > # security policy. > # > # Access vectors for these classes must be defined in the access_vectors > file. > -class xenstore > -- > 2.5.5 > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxx > http://lists.xen.org/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.