def from_interface(self, interface):
    """Populate this object from a parsed policy interface.

    Copies the interface name, records one access vector per allow rule,
    and collects parameters from the interface's roles, type rules and
    nested interface calls into ``self.params``.
    """
    self.name = interface.name

    # Only allow rules contribute access vectors. As a workaround for
    # policy bugs, allow rules found in an interface whose name contains
    # "dontaudit" are ignored as well.
    for rule in interface.avrules():
        if rule.rule_type != refpolicy.AVRule.ALLOW or "dontaudit" in interface.name:
            continue
        for vector in access.avrule_to_access_vectors(rule):
            self.add_av(vector)

    # Parameter extraction. Each helper fills self.params in place; judging
    # by the disabled diagnostics that used to sit in these branches, a true
    # result reports a conflicting parameter, which is deliberately ignored.
    for role in interface.roles():
        if role_extract_params(role, self.params):
            pass  # conflicting role parameter: no diagnostic emitted

    for type_rule in interface.typerules():
        if type_rule_extract_params(type_rule, self.params):
            pass  # conflicting parameters in a type rule: no diagnostic emitted

    for call in interface.interface_calls():
        if ifcall_extract_params(call, self.params):
            pass  # result ignored
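def from_interface(self, interface, attributes={}):
    """Populate this object from a parsed policy interface.

    Sets ``self.name``, adds an access vector for every allow rule, adds the
    access implied by the interface's typeattribute statements, and extracts
    parameters from roles, type rules and interface calls into
    ``self.params``.

    ``attributes`` is optional. When supplied it must expose an
    ``attributes`` mapping from attribute name to an object carrying
    ``name`` and ``access`` (an iterable of access vectors). Any falsy
    value, including the default, disables the typeattribute step. The
    default dict is only read, never modified.
    """
    self.name = interface.name

    # Add allow rules
    for avrule in interface.avrules():
        if avrule.rule_type != refpolicy.AVRule.ALLOW:
            continue
        # Handle some policy bugs: allow rules inside an interface whose
        # name contains "dontaudit" are skipped.
        if "dontaudit" in interface.name:
            continue
        for av in access.avrule_to_access_vectors(avrule):
            self.add_av(av)

    # Add typeattribute access.
    # Test truthiness rather than comparing with None: the default value is
    # an empty dict, which passes a "!= None" check and then fails on the
    # ".attributes" lookup below as soon as the interface contains a
    # typeattribute statement.
    if attributes:
        for typeattribute in interface.typeattributes():
            for attr in typeattribute.attributes:
                # "in" replaces dict.has_key(), which no longer exists in
                # Python 3.
                # NOTE(review): an attribute missing from the map is skipped
                # without any diagnostic, so the access recorded for this
                # interface may be incomplete - confirm callers accept that.
                if attr not in attributes.attributes:
                    continue
                attr_vec = attributes.attributes[attr]
                for a in attr_vec.access:
                    # Work on a copy so the attribute's own vectors stay
                    # untouched, then substitute the concrete type for the
                    # attribute name on whichever side it appears.
                    av = copy.copy(a)
                    if av.src_type == attr_vec.name:
                        av.src_type = typeattribute.type
                    if av.tgt_type == attr_vec.name:
                        av.tgt_type = typeattribute.type
                    self.add_av(av)

    # Extract parameters from roles. Judging by the diagnostics that used to
    # sit in these branches, a true result reports a conflicting parameter;
    # it is deliberately ignored.
    for role in interface.roles():
        if role_extract_params(role, self.params):
            pass

    # Extract parameters from type rules
    for rule in interface.typerules():
        if type_rule_extract_params(rule, self.params):
            pass

    # Extract parameters from nested interface calls
    for ifcall in interface.interface_calls():
        if ifcall_extract_params(ifcall, self.params):
            pass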
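def from_interface(self, interface, attributes={}):
    """Populate this object from a parsed policy interface.

    Sets ``self.name``, adds an access vector for every allow rule, adds the
    access implied by the interface's typeattribute statements, and extracts
    parameters from roles, type rules and interface calls into
    ``self.params``.

    ``attributes`` is optional. When supplied it must expose an
    ``attributes`` mapping from attribute name to an object carrying
    ``name`` and ``access`` (an iterable of access vectors). Any falsy
    value, including the default, disables the typeattribute step. The
    default dict is only read, never modified.
    """
    self.name = interface.name

    # Add allow rules
    for avrule in interface.avrules():
        if avrule.rule_type != refpolicy.AVRule.ALLOW:
            continue
        # Handle some policy bugs: allow rules inside an interface whose
        # name contains "dontaudit" are skipped.
        if "dontaudit" in interface.name:
            continue
        for av in access.avrule_to_access_vectors(avrule):
            self.add_av(av)

    # Add typeattribute access (skipped for a falsy ``attributes``).
    if attributes:
        for typeattribute in interface.typeattributes():
            for attr in typeattribute.attributes:
                # "in" replaces dict.has_key(), which no longer exists in
                # Python 3.
                # NOTE(review): an attribute missing from the map is skipped
                # without any diagnostic, so the access recorded for this
                # interface may be incomplete - confirm callers accept that.
                if attr not in attributes.attributes:
                    continue
                attr_vec = attributes.attributes[attr]
                for a in attr_vec.access:
                    # Work on a copy so the attribute's own vectors stay
                    # untouched, then substitute the concrete type for the
                    # attribute name on whichever side it appears.
                    av = copy.copy(a)
                    if av.src_type == attr_vec.name:
                        av.src_type = typeattribute.type
                    if av.tgt_type == attr_vec.name:
                        av.tgt_type = typeattribute.type
                    self.add_av(av)

    # Extract parameters from roles. Judging by the diagnostics that used to
    # sit in these branches, a true result reports a conflicting parameter;
    # it is deliberately ignored.
    for role in interface.roles():
        if role_extract_params(role, self.params):
            pass

    # Extract parameters from type rules
    for rule in interface.typerules():
        if type_rule_extract_params(rule, self.params):
            pass

    # Extract parameters from nested interface calls
    for ifcall in interface.interface_calls():
        if ifcall_extract_params(ifcall, self.params):
            pass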