1*2d543d20SAndroid Build Coastguard Worker(class CLASS (PERM)) 2*2d543d20SAndroid Build Coastguard Worker(class C1 (p1a p1b p1c p1d p1e)) 3*2d543d20SAndroid Build Coastguard Worker(classorder (CLASS C1)) 4*2d543d20SAndroid Build Coastguard Worker(sid SID) 5*2d543d20SAndroid Build Coastguard Worker(sidorder (SID)) 6*2d543d20SAndroid Build Coastguard Worker(user USER) 7*2d543d20SAndroid Build Coastguard Worker(role ROLE) 8*2d543d20SAndroid Build Coastguard Worker(type TYPE) 9*2d543d20SAndroid Build Coastguard Worker(category CAT) 10*2d543d20SAndroid Build Coastguard Worker(categoryorder (CAT)) 11*2d543d20SAndroid Build Coastguard Worker(sensitivity SENS) 12*2d543d20SAndroid Build Coastguard Worker(sensitivityorder (SENS)) 13*2d543d20SAndroid Build Coastguard Worker(sensitivitycategory SENS (CAT)) 14*2d543d20SAndroid Build Coastguard Worker(allow TYPE self (CLASS (PERM))) 15*2d543d20SAndroid Build Coastguard Worker(roletype ROLE TYPE) 16*2d543d20SAndroid Build Coastguard Worker(userrole USER ROLE) 17*2d543d20SAndroid Build Coastguard Worker(userlevel USER (SENS)) 18*2d543d20SAndroid Build Coastguard Worker(userrange USER ((SENS)(SENS (CAT)))) 19*2d543d20SAndroid Build Coastguard Worker(sidcontext SID (USER ROLE TYPE ((SENS)(SENS)))) 20*2d543d20SAndroid Build Coastguard Worker 21*2d543d20SAndroid Build Coastguard Worker(type ta) 22*2d543d20SAndroid Build Coastguard Worker(type tb) 23*2d543d20SAndroid Build Coastguard Worker(type tc) 24*2d543d20SAndroid Build Coastguard Worker(type td) 25*2d543d20SAndroid Build Coastguard Worker 26*2d543d20SAndroid Build Coastguard Worker(typeattribute aab) 27*2d543d20SAndroid Build Coastguard Worker(typeattributeset aab (ta tb)) 28*2d543d20SAndroid Build Coastguard Worker 29*2d543d20SAndroid Build Coastguard Worker(typeattribute aac) 30*2d543d20SAndroid Build Coastguard Worker(typeattributeset aac (ta tc)) 31*2d543d20SAndroid Build Coastguard Worker 32*2d543d20SAndroid Build Coastguard Worker(typeattribute abc) 33*2d543d20SAndroid Build Coastguard Worker(typeattributeset abc (tb tc)) 34*2d543d20SAndroid Build Coastguard Worker 35*2d543d20SAndroid Build Coastguard Worker(typeattribute aabc) 36*2d543d20SAndroid Build Coastguard Worker(typeattributeset aabc (ta tb tc)) 37*2d543d20SAndroid Build Coastguard Worker 38*2d543d20SAndroid Build Coastguard Worker(typeattribute a_all_not_ta) 39*2d543d20SAndroid Build Coastguard Worker(typeattributeset a_all_not_ta (and (all) (not ta))) 40*2d543d20SAndroid Build Coastguard Worker 41*2d543d20SAndroid Build Coastguard Worker(typeattribute a_all_not_aab) 42*2d543d20SAndroid Build Coastguard Worker(typeattributeset a_all_not_aab (and (all) (not aab))) 43*2d543d20SAndroid Build Coastguard Worker 44*2d543d20SAndroid Build Coastguard Worker; Test 01 45*2d543d20SAndroid Build Coastguard Worker(allow ta notself (C1 (p1a))) 46*2d543d20SAndroid Build Coastguard Worker; (neverallow ta a_all_not_ta (C1 (p1a))) ; This check should fail 47*2d543d20SAndroid Build Coastguard Worker 48*2d543d20SAndroid Build Coastguard Worker; Test 02 49*2d543d20SAndroid Build Coastguard Worker(allow aab notself (C1 (p1b))) 50*2d543d20SAndroid Build Coastguard Worker; (neverallow aab a_all_not_aab (C1 (p1b))) ; This check should fail 51*2d543d20SAndroid Build Coastguard Worker 52*2d543d20SAndroid Build Coastguard Worker; Test 03 53*2d543d20SAndroid Build Coastguard Worker(allow aab other (C1 (p1c))) 54*2d543d20SAndroid Build Coastguard Worker; (neverallow ta tb (C1 (p1c))) ; This check should fail 55*2d543d20SAndroid Build Coastguard Worker; (neverallow tb ta (C1 (p1c))) ; This check should fail 56*2d543d20SAndroid Build Coastguard Worker 57*2d543d20SAndroid Build Coastguard Worker; Test 04 58*2d543d20SAndroid Build Coastguard Worker(allow aabc other (C1 (p1d))) 59*2d543d20SAndroid Build Coastguard Worker; (neverallow ta abc (C1 (p1d))) ; This check should fail 60*2d543d20SAndroid Build Coastguard Worker; (neverallow tb aac (C1 (p1d))) ; This check should fail 61*2d543d20SAndroid Build Coastguard Worker; (neverallow tc aab (C1 (p1d))) ; This check should fail 62*2d543d20SAndroid Build Coastguard Worker 63*2d543d20SAndroid Build Coastguard Worker; Test 05 64*2d543d20SAndroid Build Coastguard Worker(allow ta other (C1 (p1e))) ; other used with a single type results in no rule 65*2d543d20SAndroid Build Coastguard Worker(neverallow ta a_all_not_ta (C1 (p1e))) 66