Skip to content

Commit 8883f6d

Browse files
cgzonescgzones
committed
secilc/test: add disjoint attributes rule
Signed-off-by: Christian Göttsche <[email protected]> --- v4: rename to disjointattributes
1 parent 70a62d4 commit 8883f6d

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

secilc/test/policy.cil

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118,13 +118,17 @@
118118
(typeattribute foo_type)
119119
(typeattribute bar_type)
120120
(typeattribute baz_type)
121+
(typeattribute bad_type)
121122
(typeattribute not_bad_type)
123+
(typeattribute empty_type)
122124
(typeattributeset exec_type (or bin_t kernel_t))
123125
(typeattributeset foo_type (and exec_type kernel_t))
124126
(typeattributeset bar_type (xor exec_type foo_type))
125127
(typeattributeset baz_type (not bin_t))
126128
(typeattributeset baz_type (and exec_type (and bar_type bin_t)))
129+
(typeattributeset bad_type (bad_t))
127130
(typeattributeset not_bad_type (not bad_t))
131+
(disjointattributes (bad_type not_bad_type empty_type))
128132
(typealias sbin_t)
129133
(typealiasactual sbin_t bin_t)
130134
(typepermissive device_t)

0 commit comments

Comments
 (0)