[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 06/17] flask/policy: remove unused example

  • To: xen-devel@xxxxxxxxxxxxx
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Date: Mon, 20 Jun 2016 10:04:15 -0400
  • Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Delivery-date: Mon, 20 Jun 2016 14:04:56 +0000
  • Ironport-phdr: 9a23:+uNorxEx4fmbAAThSEq3qJ1GYnF86YWxBRYc798ds5kLTJ75oc2wAkXT6L1XgUPTWs2DsrQf27uQ4v2rBzNIyK3CmU5BWaQEbwUCh8QSkl5oK+++Imq/EsTXaTcnFt9JTl5v8iLzG0FUHMHjew+a+SXqvnYsExnyfTB4Ov7yUtaLyZ/nhqbjptaNPE1hv3mUX/BbFF2OtwLft80b08NJC50a7V/3mEZOYPlc3mhyJFiezF7W78a0+4N/oWwL46pyv/NaVe3GW4hwDfkCVHV1e1wysd3ms1zPQBWC4lMYU34KiVxYDg6D6wv1DbnrtS6vmuN72SSedeH7BZ8uUD2sp/NnRxPlhz0OHyIo+2HQzMprheRUpwz39E83+JLdfIzAbKk2RajaZ95PADAZUw==
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>
The access vectors defined here have never been used by xenstore.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>
---
 tools/flask/policy/policy/access_vectors   | 23 ++---------------------
 tools/flask/policy/policy/security_classes |  1 -
 2 files changed, 2 insertions(+), 22 deletions(-)

diff --git a/tools/flask/policy/policy/access_vectors 
b/tools/flask/policy/policy/access_vectors
index 4fd61f1..d9c69c0 100644
--- a/tools/flask/policy/policy/access_vectors
+++ b/tools/flask/policy/policy/access_vectors
@@ -1,24 +1,5 @@
 # Locally defined access vectors
 #
-# Define access vectors for the security classes defined in security_classes
+# Define access vectors for the security classes defined in security_classes.
+# Access vectors defined in this file should not be used by the hypervisor.
 #
-
-# Note: this is an example; the xenstore daemon provided with Xen does
-# not yet include XSM support, and the exact permissions may be defined
-# differently if such support is added.
-class xenstore {
-       # read from keys owned by the target domain (if permissions allow)
-       read
-       # write to keys owned by the target domain (if permissions allow)
-       write
-       # change permissions of a key owned by the target domain
-       chmod
-       # change the owner of a key which was owned by the target domain
-       chown_from
-       # change the owner of a key to the target domain
-       chown_to
-       # access a key owned by the target domain without permission
-       override
-       # introduce a domain
-       introduce
-}
diff --git a/tools/flask/policy/policy/security_classes 
b/tools/flask/policy/policy/security_classes
index 56595e8..0f0f9f3 100644
--- a/tools/flask/policy/policy/security_classes
+++ b/tools/flask/policy/policy/security_classes
@@ -5,4 +5,3 @@
 # security policy.
 #
 # Access vectors for these classes must be defined in the access_vectors file.
-class xenstore
-- 
2.7.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.