next up previous contents
Next: 3.6 Integrated permissions for Up: 3 Integrated permissions by Previous: 3.4 Permissions integrated in   Contents

3.5 Integrated permissions for allownet rules


Table 37: Option:tcp suboption:use
Object class Permission Domain Type
tcp_socket accept domain type
  append    
  bind    
  connect    
  create    
  getattr    
  getopt    
  ioctl    
  listen    
  lock    
  read    
  setattr    
  setopt    
  shutdown    
  write    


Table 38: Option:udp suboption:use
Object class Permission Domain Type
udp_socket accept domain type
  append    
  bind    
  connect    
  create    
  getattr    
  getopt    
  ioctl    
  listen    
  lock    
  read    
  setattr    
  setopt    
  shutdown    
  write    


Table 39: Option:raw suboption:use
Object class Permission Domain Type
rawip_socket accept domain type
  bind    
  connect    
  create    
  getattr    
  getopt    
  ioctl    
  listen    
  lock    
  setattr    
  setopt    
  shutdown    
rawip_socket append domain type
  read    
  write    
capability net_raw domain self


Table 40: Option:tcp suboption:server
Object class Permission Domain Type
tcp_socket name_bind domain type
tcp_socket recv_msg domain port_type
  send_msg    


Table 41: Option:tcp suboption:client
Object class Permission Domain Type
tcp_socket name_connect domain type
  recv_msg    
  send_msg    


Table 42: Option:udp suboption:server
Object class Permission Domain Type
udp_socket name_bind domain type
udp_socket recv_msg domain unpriv_port_type
  send_msg    


Table 43: Option:udp suboption:client
Object class Permission Domain Type
udp_socket recv_msg domain type
  send_msg    


Table 44: Option:node suboption:tcp_send
Object class Permission Domain Type
node tcp_send domain type


Table 45: Option:node suboption:udp_send
Object class Permission Domain Type
node udp_send domain type


Table 46: Option:node suboption:rawip_send
Object class Permission Domain Type
node rawip_send domain type


Table 47: Option:node suboption:tcp_recv
Object class Permission Domain Type
node tcp_recv domain type


Table 48: Option:node suboption:udp_recv
Object class Permission Domain Type
node udp_recv domain type


Table 49: Option:node suboption:rawip_recv
Object class Permission Domain Type
node rawip_recv domain type


Table 50: Option:node suboption:tcp_bind
Object class Permission Domain Type
tcp_socket node_bind domain type


Table 51: Option:node suboption:udp_bind
Object class Permission Domain Type
udp_socket node_bind domain type


Table 52: Option:node suboption:rawip_bind
Object class Permission Domain Type
rawip_socket node_bind domain type


Table 53: Option:netif suboption:tcp_send
Object class Permission Domain Type
netif tcp_send domain type


Table 54: Option:netif suboption:udp_send
Object class Permission Domain Type
netif udp_send domain type


Table 55: Option:netif suboption:rawip_send
Object class Permission Domain Type
netif rawip_send domain type


Table 56: Option:netif suboption:tcp_recv
Object class Permission Domain Type
netif tcp_recv domain type


Table 57: Option:netif suboption:udp_recv
Object class Permission Domain Type
netif udp_recv domain type


Table 58: Option:netif suboption:rawip_recv
Object class Permission Domain Type
netif rawip_recv domain type

next up previous contents
Next: 3.6 Integrated permissions for Up: 3 Integrated permissions by Previous: 3.4 Permissions integrated in   Contents
Yuichi Nakamura 2006-11-13