security.psl.in template

The security.psl.in template is used to automatically generate a part of the security.psl file prior to building the Einit program using CMake tools.

The security.psl file contains part of the solution security policy description.

When using the security.psl.in template, you do not have to manually add EDL descriptions of system programs to the security.psl file.

The security.psl.in template must contain a manually created solution security policy description, including the following declarations:

To automatically include system programs, the @INIT_EXTERNAL_ENTITIES@ macro must be used.

Example security.psl.in template

security.psl.in

execute: kl.core.Execute

use nk.base._

use EDL Einit

use EDL kl.core.Core

use EDL Client

use EDL Server

@INIT_EXTERNAL_ENTITIES@

/* Startup of programs is allowed */

execute {

grant ()

}

/* Sending and receiving requests, responses and errors is allowed. */

request {

grant ()

}

response {

grant ()

}

error {

grant ()

}

/* Queries via the security interface are ignored. */

security {

grant ()

}

Page top