From: Daniel De Graaf Date: Mon, 20 Jun 2016 14:04:15 +0000 (-0400) Subject: flask/policy: remove unused example X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~891 X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https:/%22bookmarks://%22/%22http:/www.example.com/cgi/%22https:/%22bookmarks:/%22?a=commitdiff_plain;h=b49839ef4e6ba183503912d169df7635e1c6df54;p=xen.git flask/policy: remove unused example The access vectors defined here have never been used by xenstore. Signed-off-by: Daniel De Graaf Reviewed-by: Konrad Rzeszutek Wilk Reviewed-by: Doug Goldstein --- diff --git a/tools/flask/policy/policy/access_vectors b/tools/flask/policy/policy/access_vectors index 4fd61f1a59..d9c69c034f 100644 --- a/tools/flask/policy/policy/access_vectors +++ b/tools/flask/policy/policy/access_vectors @@ -1,24 +1,5 @@ # Locally defined access vectors # -# Define access vectors for the security classes defined in security_classes +# Define access vectors for the security classes defined in security_classes. +# Access vectors defined in this file should not be used by the hypervisor. # - -# Note: this is an example; the xenstore daemon provided with Xen does -# not yet include XSM support, and the exact permissions may be defined -# differently if such support is added. -class xenstore { - # read from keys owned by the target domain (if permissions allow) - read - # write to keys owned by the target domain (if permissions allow) - write - # change permissions of a key owned by the target domain - chmod - # change the owner of a key which was owned by the target domain - chown_from - # change the owner of a key to the target domain - chown_to - # access a key owned by the target domain without permission - override - # introduce a domain - introduce -} diff --git a/tools/flask/policy/policy/security_classes b/tools/flask/policy/policy/security_classes index 56595e8c59..0f0f9f30a4 100644 --- a/tools/flask/policy/policy/security_classes +++ b/tools/flask/policy/policy/security_classes @@ -5,4 +5,3 @@ # security policy. # # Access vectors for these classes must be defined in the access_vectors file. -class xenstore