[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 06/15] flask/policy: remove unused example

  • To: xen-devel@xxxxxxxxxxxxx
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Date: Thu, 9 Jun 2016 10:47:09 -0400
  • Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Delivery-date: Thu, 09 Jun 2016 14:47:41 +0000
  • Ironport-phdr: 9a23:pKPB/hLabOeMOcq7sdmcpTZWNBhigK39O0sv0rFitYgULP3xwZ3uMQTl6Ol3ixeRBMOAu6MC1Led7PqocFdDyKjCmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TWM5DIfUi/yKRBybrysXNWC3oLoiqvtodX6WEZhunmUWftKNhK4rAHc5IE9oLBJDeIP8CbPuWZCYO9MxGlldhq5lhf44dqsrtY4q3wD888784Z8dYmyP+FiFf0LRAghZnA44ojnuAfOSSOL52AASSMGnxwOBBLKvz/gWZKkniL8t+d5kAWXdeLsRLk6EWCu4KtmRwXhoDsWPD4+tmfMg4p/i7wN80HpnAB234OBONLdD/F5ZK6IOIlCSA==
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>
The access vectors defined here have never been used by xenstore.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
 tools/flask/policy/policy/access_vectors   | 23 ++---------------------
 tools/flask/policy/policy/security_classes |  1 -
 2 files changed, 2 insertions(+), 22 deletions(-)

diff --git a/tools/flask/policy/policy/access_vectors 
b/tools/flask/policy/policy/access_vectors
index 4fd61f1..d9c69c0 100644
--- a/tools/flask/policy/policy/access_vectors
+++ b/tools/flask/policy/policy/access_vectors
@@ -1,24 +1,5 @@
 # Locally defined access vectors
 #
-# Define access vectors for the security classes defined in security_classes
+# Define access vectors for the security classes defined in security_classes.
+# Access vectors defined in this file should not be used by the hypervisor.
 #
-
-# Note: this is an example; the xenstore daemon provided with Xen does
-# not yet include XSM support, and the exact permissions may be defined
-# differently if such support is added.
-class xenstore {
-       # read from keys owned by the target domain (if permissions allow)
-       read
-       # write to keys owned by the target domain (if permissions allow)
-       write
-       # change permissions of a key owned by the target domain
-       chmod
-       # change the owner of a key which was owned by the target domain
-       chown_from
-       # change the owner of a key to the target domain
-       chown_to
-       # access a key owned by the target domain without permission
-       override
-       # introduce a domain
-       introduce
-}
diff --git a/tools/flask/policy/policy/security_classes 
b/tools/flask/policy/policy/security_classes
index 56595e8..0f0f9f3 100644
--- a/tools/flask/policy/policy/security_classes
+++ b/tools/flask/policy/policy/security_classes
@@ -5,4 +5,3 @@
 # security policy.
 #
 # Access vectors for these classes must be defined in the access_vectors file.
-class xenstore
-- 
2.5.5


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.