<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> - <a href='apps_ada.html'> ada</a><br/> - <a href='apps_authbind.html'> authbind</a><br/> - <a href='apps_awstats.html'> awstats</a><br/> - <a href='apps_calamaris.html'> calamaris</a><br/> - <a href='apps_cdrecord.html'> cdrecord</a><br/> - <a href='apps_chrome.html'> chrome</a><br/> - <a href='apps_cpufreqselector.html'> cpufreqselector</a><br/> - <a href='apps_ethereal.html'> ethereal</a><br/> - <a href='apps_evolution.html'> evolution</a><br/> - <a href='apps_execmem.html'> execmem</a><br/> - <a href='apps_firewallgui.html'> firewallgui</a><br/> - <a href='apps_games.html'> games</a><br/> - <a href='apps_gift.html'> gift</a><br/> - <a href='apps_gitosis.html'> gitosis</a><br/> - <a href='apps_gnome.html'> gnome</a><br/> - <a href='apps_gpg.html'> gpg</a><br/> - <a href='apps_irc.html'> irc</a><br/> - <a href='apps_java.html'> java</a><br/> - <a href='apps_kdumpgui.html'> kdumpgui</a><br/> - <a href='apps_livecd.html'> livecd</a><br/> - <a href='apps_loadkeys.html'> loadkeys</a><br/> - <a href='apps_lockdev.html'> lockdev</a><br/> - <a href='apps_mediawiki.html'> mediawiki</a><br/> - <a href='apps_mono.html'> mono</a><br/> - <a href='apps_mozilla.html'> mozilla</a><br/> - <a href='apps_mplayer.html'> mplayer</a><br/> - <a href='apps_namespace.html'> namespace</a><br/> - <a href='apps_nsplugin.html'> nsplugin</a><br/> - <a href='apps_openoffice.html'> openoffice</a><br/> - <a href='apps_podsleuth.html'> podsleuth</a><br/> - <a href='apps_ptchown.html'> ptchown</a><br/> - <a href='apps_pulseaudio.html'> pulseaudio</a><br/> - <a href='apps_qemu.html'> qemu</a><br/> - <a href='apps_rssh.html'> rssh</a><br/> - <a href='apps_sambagui.html'> sambagui</a><br/> - <a href='apps_sandbox.html'> sandbox</a><br/> - <a href='apps_screen.html'> screen</a><br/> - <a href='apps_seunshare.html'> seunshare</a><br/> - <a href='apps_slocate.html'> slocate</a><br/> - <a href='apps_telepathy.html'> telepathy</a><br/> - <a href='apps_thunderbird.html'> thunderbird</a><br/> - <a href='apps_tvtime.html'> tvtime</a><br/> - <a href='apps_uml.html'> uml</a><br/> - <a href='apps_userhelper.html'> userhelper</a><br/> - <a href='apps_usernetctl.html'> usernetctl</a><br/> - <a href='apps_vmware.html'> vmware</a><br/> - <a href='apps_webalizer.html'> webalizer</a><br/> - <a href='apps_wine.html'> wine</a><br/> - <a href='apps_wireshark.html'> wireshark</a><br/> - <a href='apps_wm.html'> wm</a><br/> - <a href='apps_xscreensaver.html'> xscreensaver</a><br/> - <a href='apps_yam.html'> yam</a><br/> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: apps</h1><p/> <h2>Module: nsplugin</h2><p/> <a href=#tunables>Tunables</a> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p>policy for nsplugin</p></p> <hr> <a name="tunables"></a> <h3>Tunables: </h3> <a name="link_allow_nsplugin_execmem"></a> <div id="interface"> <div id="codeblock">allow_nsplugin_execmem</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allow nsplugin code to execmem/execstack </p><p> </p> </div></div> <a name="link_nsplugin_can_network"></a> <div id="interface"> <div id="codeblock">nsplugin_can_network</div> <div id="description"> <h5>Default value</h5> <p>true</p> <h5>Description</h5> <p> </p><p> Allow nsplugin code to connect to unreserved ports </p><p> </p> </div></div> <a href=#top>Return</a> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_nsplugin_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_domtrans</b>( user_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> The per role template for the nsplugin module. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> user_domain </td><td> <p> The type of the user domain. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_domtrans_config"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_domtrans_config</b>( user_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> The per role template for the nsplugin module. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> user_domain </td><td> <p> The type of the user domain. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_exec_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_exec_domtrans</b>( domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute nsplugin_exec_t in the specified domain. </p> <h5>Description</h5> <p> </p><p> Execute a nsplugin_exec_t in the specified domain. </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> target_domain </td><td> <p> The type of the new process. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_manage_home_files"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_manage_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete nsplugin home files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_manage_rw"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_manage_rw</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage nsplugin rw files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_manage_rw_files"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_manage_rw_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete nsplugin rw files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_read_home"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_read_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read nsplugin home files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_read_rw_files"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_read_rw_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read nsplugin rw files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_role"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_role</b>( userdomain_prefix , user_role , user_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Role access for nsplugin </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td></tr> <tr><td> user_role </td><td> <p> The role associated with the user domain. </p> </td></tr> <tr><td> user_domain </td><td> <p> The type of the user domain. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_role_notrans"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_role_notrans</b>( userdomain_prefix , user_domain , user_role )<br> </div> <div id="description"> <h5>Summary</h5> <p> The per role template for the nsplugin module. </p> <h5>Description</h5> <p> </p><p> This template creates a derived domains which are used for nsplugin web browser. </p><p> </p><p> This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td></tr> <tr><td> user_domain </td><td> <p> The type of the user domain. </p> </td></tr> <tr><td> user_role </td><td> <p> The role associated with the user domain. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_rw_exec"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_rw_exec</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Exec nsplugin rw files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_rw_pipes"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_rw_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow attempts to read and write to nsplugin named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_rw_semaphores"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_rw_semaphores</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow read and write access to nsplugin semaphores. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_rw_shm"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_rw_shm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write to nsplugin shared memory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The type of the process performing this action. </p> </td></tr> </table> </div> </div> <a name="link_nsplugin_search_rw_dir"></a> <div id="interface"> <div id="codeblock"> <b>nsplugin_search_rw_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search nsplugin rw directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>