3
# Each sensitivity has a name and zero or more aliases.
5
sensitivity unclassified alias u;
6
sensitivity confidential alias c;
7
sensitivity secret alias s;
8
sensitivity top_secret alias ts;
10
# Define the ordering of the sensitivity levels (least to greatest)
11
dominance { u c s ts }
13
# Define the categories
15
# Each category has a name and zero or more aliases.
23
# Identify which categories may be associated with which sensitivities
25
# Each MLS level specifies a sensitivity and zero or more categories which may
26
# be associated with that sensitivity.
30
level s:nocon, noforn;
31
level ts:nocon, noforn, nato, usuk;
34
# Map each permission to a set of MLS base permissions.
46
relabelfrom : { read write }
53
swapon : { read write }
54
quotaon : { read write }
55
mounton : { read write }
67
relabelfrom : { read write }
103
relabelfrom : { read write }
117
rmdir : { read write }
122
execute_no_trans : read
180
class unix_dgram_socket
182
class unix_stream_socket
199
ptrace : { read write }
207
share : { read write }
237
compute_create : none
238
compute_member : none
241
compute_relabel : none
251
syslog_console : none
258
dac_read_search : none
265
linux_immutable : none
266
net_bind_service : none
282
sys_tty_config : none
added
removed
mls
