1 Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native 2 native-issetugid: permit < 3 native-mprotect: permit < 4 native-mmap: permit < 5 native-__sysctl: permit native-__sysctl: permit 6 native-fsread: filename eq "/var/run/ld.so.hints" then pe < 7 native-fstat: permit < 8 native-close: permit native-close: permit 9 native-fsread: filename match "/usr/lib/libssl.so.*" then | native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe 10 native-read: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p 11 native-fsread: filename match "/usr/lib/libcrypto.so.*" t | native-exit: permit 12 native-fsread: filename match "/usr/lib/libncurses.so.*" | native-fcntl: cmd eq "F_SETFD" then permit 13 native-fsread: filename match "/usr/lib/libc.so.*" then p | native-fsread: filename eq "/" then permit 14 native-munmap: permit | native-fsread: filename match "/<non-existent filename>: 15 native-sigprocmask: permit | native-fsread: filename eq "/etc/lynx.cfg" then permit 16 native-fsread: filename eq "/etc/malloc.conf" then permit native-fsread: filename eq "/etc/malloc.conf" then permit 17 native-getpid: permit | native-fsread: filename eq "/etc/resolv.conf" then permit 18 > native-fsread: filename eq "/etc/utmp" then permit 19 > native-fsread: filename eq "/home" then permit 20 > native-fsread: filename eq "$HOME" then permit 21 > native-fsread: filename eq "$HOME/.lynx-keymaps" then per 22 > native-fsread: filename eq "$HOME/.lynxrc" then permit 23 > native-fsread: filename eq "$HOME/.mailcap" then permit 24 > native-fsread: filename eq "$HOME/.mime.types" then permi 25 > native-fsread: filename eq "$HOME/.terminfo" then permit 26 > native-fsread: filename eq "$HOME/.terminfo.db" then perm 27 > native-fsread: filename eq "/obj" then permit 28 native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit 29 native-fswrite: filename match "/tmp/lynx-*" then permit native-fsread: filename match "/tmp/lynx-*/." then permit 30 native-fsread: filename match "/tmp/lynx-*/." then permit ( 31 native-fsread: filename eq "$HOME" then permit < 32 native-fsread: filename eq "/etc/lynx.cfg" then permit < 33 native-fsread: filename eq "/" then permit < 34 native-fsread: filename eq "/usr/obj/bin/systrace/." then < 35 native-fsread: filename eq "/usr/obj/bin" then permit < 36 native-fcntl: permit < 37 native-getdirentries: permit < 38 native-lseek: permit < 39 native-fsread: filename eq "/usr/obj" then permit < 40 native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit 41 native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit 42 native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit 43 native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit 44 native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit 45 native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename match "/usr/lib/libc.so.*" then p 46 native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename match "/usr/lib/libcrypto.so.*" t 47 native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename match "/usr/lib/libncurses.so.*" 48 native-fsread: filename eq "/usr/local" then permit native-fsread: filename match "/usr/lib/libssl.so.*" then 49 native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename eq "/usr/libdata" then permit 50 native-fsread: filename eq "/home" then permit native-fsread: filename eq "/usr/libexec" then permit 51 native-fsread: filename eq "/obj" then permit native-fsread: filename eq "/usr/lkm" then permit 52 native-fsread: filename eq "$HOME/.lynxrc" then permit native-fsread: filename eq "/usr/local" then permit 53 native-fsread: filename match "/<non-existent filename>: native-fsread: filename eq "/usr/mdec" then permit 54 native-fsread: filename eq "/usr/obj/bin/systrace/.mailca native-fsread: filename eq "/usr/obj" then permit 55 native-fsread: filename eq "$HOME/.mailcap" then permit native-fsread: filename eq "/usr/obj/bin" then permit 56 native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t native-fsread: filename eq "/usr/obj/bin/systrace/." then 57 ) native-fsread: filename eq "/usr/obj/bin/systrace/.mailca 58 ) native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t 59 native-fsread: filename eq "$HOME/.mime.types" then permi < 60 native-sigaction: permit < 61 native-ioctl: permit < 62 native-fsread: filename eq "$HOME/.terminfo.db" then perm < 63 native-fsread: filename eq "$HOME/.terminfo" then permit < 64 native-fsread: filename eq "/usr/share/misc/terminfo.db" native-fsread: filename eq "/usr/share/misc/terminfo.db" 65 native-pread: permit < 66 native-write: permit < 67 native-fsread: filename eq "$HOME/.lynx-keymaps" then per < 68 native-fsread: filename eq "/var/run/dev.db" then permit native-fsread: filename eq "/var/run/dev.db" then permit 69 native-fsread: filename eq "/etc/utmp" then permit | native-fsread: filename eq "/var/run/ld.so.hints" then pe 70 native-poll: permit | native-fstat: permit 71 native-nanosleep: permit | native-fswrite: filename match "/tmp/lynx-*" then permit 72 > native-getdirentries: permit 73 > native-getpid: permit 74 native-gettimeofday: permit native-gettimeofday: permit 75 native-fsread: filename eq "/etc/resolv.conf" then permit | native-ioctl: permit 76 native-socket: sockdom eq "AF_INET" and socktype eq "SOCK | native-issetugid: permit 77 native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe | native-lseek: permit 78 native-sendto: true then permit | native-mmap: permit 79 native-select: permit | native-mprotect: prot eq "PROT_READ" then permit 80 > native-mprotect: prot eq "PROT_READ|PROT_EXEC" then permi 81 > native-mprotect: prot eq "PROT_READ|PROT_WRITE" then perm 82 > native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXEC" 83 > native-munmap: permit 84 > native-nanosleep: permit 85 > native-poll: permit 86 > native-pread: permit 87 > native-read: permit 88 native-recvfrom: permit native-recvfrom: permit 89 > native-select: permit 90 > native-sendto: true then permit 91 > native-sigaction: permit 92 > native-sigprocmask: permit 93 > native-socket: sockdom eq "AF_INET" and socktype eq "SOCK 94 native-socket: sockdom eq "AF_INET" and socktype eq "SOCK native-socket: sockdom eq "AF_INET" and socktype eq "SOCK 95 native-connect: sockaddr match "inet-\\\[*\\\]:80" then p | native-write: permit 96 native-exit: permit < 97
Indexes created Tue Sep 30 20:09:53 GMT 2025