pump ACL

Submit your RBAC policies or suggest policy improvements

pump ACL

Postby Gnea » Thu Oct 02, 2003 5:46 pm

This one's for 1.9, I caved in and wrote this just to keep an internet connection open.. this could probably use some tweaking, so edit to your system:

/sbin/pump oAXd {
/ h
/lib rx
/usr/lib rx
/etc rx
/etc/grsec h
/etc/ld.so.cache r
/etc/nsswitch.conf r
/etc/services r
/etc/resolv.conf rw
/var/run rx
/var/run/pump.sock rw
/proc/uptime r
/usr/share/zoneinfo/America rx
/dev/log rw

-CAP_ALL
+CAP_NET_BIND_SERVICE
+CAP_NET_RAW
+CAP_NET_ADMIN
+CAP_SYS_CHROOT
+CAP_SETPCAP

connect {
0.0.0.0/0:68 stream tcp
0.0.0.0/0:68 dgram udp
}

bind {
0.0.0.0/0:68 stream tcp
}
}
Gnea
 
Posts: 3
Joined: Mon Sep 22, 2003 3:51 am

Return to RBAC policy development