| blob | e01bd2842c60a5ab22d6ed0a058af29e37ca7df5 |
1 # $FreeBSD$
2 #
3 # This is a sample LOMAC policy based upon the PLM defined in the
4 # original FreeBSD LOMAC port. It may be configured on a
5 # system via setfsmac(8).
7 .* lomac/high
8 /sbin/dhclient lomac/high[low]
9 /dev(/.*)? lomac/equal
10 # This is not an exhaustive list of all "privileged" devices.
11 /dev/mdctl lomac/high
12 /dev/pci lomac/high
13 /dev/k?mem lomac/high
14 /dev/io lomac/high
15 /dev/agp.* lomac/high
16 (/var)?/tmp(/.*)? lomac/equal
17 /tmp/\.X11-unix lomac/high[equal]
18 /tmp/\.X11-unix/.* lomac/equal
19 /proc(/.*)? lomac/equal
20 /mnt.* lomac/low
21 (/usr)?/home lomac/high[low]
22 (/usr)?/home/.* lomac/low
23 /var/mail(/.*)? lomac/low
24 /var/spool/mqueue(/.*)? lomac/low
25 (/mnt)?/cdrom(/.*)? lomac/high
26 (/usr)?/home/(ftp|samba)(/.*)? lomac/high
27 /var/log/sendmail\.st lomac/low
28 /var/run/utmp lomac/equal
29 /var/log/(lastlog|wtmp) lomac/equal