Appendix A. Security Object Classes
Table 2-1 has been reproduced here as Table A-1 for convenient reference. Table A-1 summarizes the object classes defined by the current release of SELinux. The table is organized by object class within object class type. SELinux developers may change the roster of object classes in future releases of SELinux.
Table A-1. Security object classes
Class | Description |
---|---|
File classes | |
blk_file | Block device file |
chr_file | Character device file |
dir | Directory |
fd | File descriptor |
fifo_file | FIFO file |
file | File |
filesystem | Formatted filesystem residing on disk partition |
lnk_file | Hard or symbolic link |
sock_file | Network socket file |
Interprocess communication classes | |
ipc | (Obsolete) |
msg | Interprocess communication message within queue |
msgq | Interprocess communication queue |
sem | Interprocess communication semaphore |
shm | Interprocess communication shared memory |
Network classes | |
key_socket | IPSec socket |
netif | Network interface |
netlink_socket | Socket used to communicate with kernel via the |
node | TCP/IP network host, as represented by IP address |
packet_socket | Obsolete object type used by Linux 2.0 programs invoking the |
rawip_socket | Raw IP socket |
socket | Generic socket |
tcp_socket | TCP socket |
udp_socket | UDP socket |
unix_dgram_socket | Unix-domain datagram socket |
unix_stream_socket | Unix-domain stream socket |
Object class | |
passwd | Linux password file |
System classes | |
capability ... |