flask/policy: remove unused example

The access vectors defined here have never been used by xenstore.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Doug Goldstein <cardoe@cardoe.com>

diff --git a/tools/flask/policy/policy/access_vectors b/tools/flask/policy/policy/access_vectors
index 4fd61f1a599291d4a0f8a6c27b9663fe19b07109..d9c69c034f54e87de58dd7019a157600e12da7e9 100644 (file)
--- a/tools/flask/policy/policy/access_vectors
+++ b/tools/flask/policy/policy/access_vectors
@@ -1,24 +1,5 @@
 # Locally defined access vectors
 #
-# Define access vectors for the security classes defined in security_classes
+# Define access vectors for the security classes defined in security_classes.
+# Access vectors defined in this file should not be used by the hypervisor.
 #
-
-# Note: this is an example; the xenstore daemon provided with Xen does
-# not yet include XSM support, and the exact permissions may be defined
-# differently if such support is added.
-class xenstore {
-       # read from keys owned by the target domain (if permissions allow)
-       read
-       # write to keys owned by the target domain (if permissions allow)
-       write
-       # change permissions of a key owned by the target domain
-       chmod
-       # change the owner of a key which was owned by the target domain
-       chown_from
-       # change the owner of a key to the target domain
-       chown_to
-       # access a key owned by the target domain without permission
-       override
-       # introduce a domain
-       introduce
-}

diff --git a/tools/flask/policy/policy/security_classes b/tools/flask/policy/policy/security_classes
index 56595e8c594eb1cecf069d19bf3742c7fc84b32e..0f0f9f30a4685b530bc466e934ebab2fd3b962ea 100644 (file)
--- a/tools/flask/policy/policy/security_classes
+++ b/tools/flask/policy/policy/security_classes
@@ -5,4 +5,3 @@
 # security policy.
 #
 # Access vectors for these classes must be defined in the access_vectors file.
-class xenstore