1 Policy: /usr/bin/lynx, Emulation: native Policy: /usr/bin/lynx, Emulation: native 2 > native-issetugid: permit 3 > native-mprotect: permit 4 > native-mmap: permit 5 native-__sysctl: permit native-__sysctl: permit 6 > native-fsread: filename eq "/var/run/ld.so.hints" then pe 7 > native-fstat: permit 8 native-close: permit native-close: permit 9 native-connect: sockaddr eq "inet-[127.0.0.1]:53" then | native-fsread: filename match "/usr/lib/libssl.so.*" then 10 native-connect: sockaddr match "inet-\\\[*\\\]:80" then | native-read: permit 11 native-exit: permit | native-fsread: filename match "/usr/lib/libcrypto.so.*" t 12 native-fcntl: cmd eq "F_SETFD" then permit | native-fsread: filename match "/usr/lib/libncurses.so.*" 13 native-fsread: filename eq "/" then permit | native-fsread: filename match "/usr/lib/libc.so.*" then p 14 native-fsread: filename match "/<non-existent filename> | native-munmap: permit 15 native-fsread: filename eq "/etc/lynx.cfg" then permit | native-sigprocmask: permit 16 native-fsread: filename eq "/etc/malloc.conf" then perm native-fsread: filename eq "/etc/malloc.conf" then permit 17 native-fsread: filename eq "/etc/resolv.conf" then perm | native-getpid: permit 18 native-fsread: filename eq "/etc/utmp" then permit < 19 native-fsread: filename eq "/home" then permit < 20 native-fsread: filename eq "$HOME" then permit < 21 native-fsread: filename eq "$HOME/.lynx-keymaps" then p < 22 native-fsread: filename eq "$HOME/.lynxrc" then permit < 23 native-fsread: filename eq "$HOME/.mailcap" then permit < 24 native-fsread: filename eq "$HOME/.mime.types" then per < 25 native-fsread: filename eq "$HOME/.terminfo" then permi < 26 native-fsread: filename eq "$HOME/.terminfo.db" then pe < 27 native-fsread: filename eq "/obj" then permit < 28 native-fsread: filename eq "/tmp" then permit native-fsread: filename eq "/tmp" then permit 29 > native-fswrite: filename match "/tmp/lynx-*" then permit 30 native-fsread: filename match "/tmp/lynx-*/." then perm native-fsread: filename match "/tmp/lynx-*/." then permit 31 > native-fsread: filename eq "$HOME" then permit 32 > native-fsread: filename eq "/etc/lynx.cfg" then permit 33 > native-fsread: filename eq "/" then permit 34 > native-fsread: filename eq "/usr/obj/bin/systrace/." then 35 > native-fsread: filename eq "/usr/obj/bin" then permit 36 > native-fcntl: permit 37 > native-getdirentries: permit 38 > native-lseek: permit 39 > native-fsread: filename eq "/usr/obj" then permit 40 native-fsread: filename eq "/usr" then permit native-fsread: filename eq "/usr" then permit 41 native-fsread: filename eq "/usr/bin" then permit native-fsread: filename eq "/usr/bin" then permit 42 native-fsread: filename eq "/usr/games" then permit native-fsread: filename eq "/usr/games" then permit 43 native-fsread: filename eq "/usr/include" then permit native-fsread: filename eq "/usr/include" then permit 44 native-fsread: filename eq "/usr/lib" then permit native-fsread: filename eq "/usr/lib" then permit 45 native-fsread: filename match "/usr/lib/libc.so.*" then < 46 native-fsread: filename match "/usr/lib/libcrypto.so.*" < 47 native-fsread: filename match "/usr/lib/libncurses.so.* < 48 native-fsread: filename match "/usr/lib/libssl.so.*" th < 49 native-fsread: filename eq "/usr/libdata" then permit native-fsread: filename eq "/usr/libdata" then permit 50 native-fsread: filename eq "/usr/libexec" then permit native-fsread: filename eq "/usr/libexec" then permit 51 native-fsread: filename eq "/usr/lkm" then permit native-fsread: filename eq "/usr/lkm" then permit 52 native-fsread: filename eq "/usr/local" then permit native-fsread: filename eq "/usr/local" then permit 53 native-fsread: filename eq "/usr/mdec" then permit native-fsread: filename eq "/usr/mdec" then permit 54 native-fsread: filename eq "/usr/obj" then permit | native-fsread: filename eq "/home" then permit 55 native-fsread: filename eq "/usr/obj/bin" then permit | native-fsread: filename eq "/obj" then permit 56 native-fsread: filename eq "/usr/obj/bin/systrace/." th | native-fsread: filename eq "$HOME/.lynxrc" then permit 57 > native-fsread: filename match "/<non-existent filename>: 58 native-fsread: filename eq "/usr/obj/bin/systrace/.mail native-fsread: filename eq "/usr/obj/bin/systrace/.mailca 59 > native-fsread: filename eq "$HOME/.mailcap" then permit 60 native-fsread: filename eq "/usr/obj/bin/systrace/.mime native-fsread: filename eq "/usr/obj/bin/systrace/.mime.t 61 > native-fsread: filename eq "$HOME/.mime.types" then permi 62 > native-sigaction: permit 63 > native-ioctl: permit 64 > native-fsread: filename eq "$HOME/.terminfo.db" then perm 65 > native-fsread: filename eq "$HOME/.terminfo" then permit 66 native-fsread: filename eq "/usr/share/misc/terminfo.db native-fsread: filename eq "/usr/share/misc/terminfo.db" 67 > native-pread: permit 68 > native-write: permit 69 > native-fsread: filename eq "$HOME/.lynx-keymaps" then per 70 native-fsread: filename eq "/var/run/dev.db" then permi native-fsread: filename eq "/var/run/dev.db" then permit 71 native-fsread: filename eq "/var/run/ld.so.hints" then | native-fsread: filename eq "/etc/utmp" then permit 72 native-fstat: permit < 73 native-fswrite: filename match "/tmp/lynx-*" then permi < 74 native-getdirentries: permit < 75 native-getpid: permit < 76 native-gettimeofday: permit < 77 native-ioctl: permit < 78 native-issetugid: permit < 79 native-lseek: permit < 80 native-mmap: permit < 81 native-mprotect: prot eq "PROT_READ" then permit < 82 native-mprotect: prot eq "PROT_READ|PROT_EXEC" then per < 83 native-mprotect: prot eq "PROT_READ|PROT_WRITE" then pe < 84 native-mprotect: prot eq "PROT_READ|PROT_WRITE|PROT_EXE < 85 native-munmap: permit < 86 native-nanosleep: permit < 87 native-poll: permit native-poll: permit 88 native-pread: permit | native-nanosleep: permit 89 native-read: permit | native-gettimeofday: permit 90 native-recvfrom: permit | native-fsread: filename eq "/etc/resolv.conf" then permit 91 native-select: permit < 92 native-sendto: true then permit < 93 native-sigaction: permit < 94 native-sigprocmask: permit < 95 native-socket: sockdom eq "AF_INET" and socktype eq "SO native-socket: sockdom eq "AF_INET" and socktype eq "SOCK 96 > native-connect: sockaddr eq "inet-[127.0.0.1]:53" then pe 97 > native-sendto: true then permit 98 > native-select: permit 99 > native-recvfrom: permit 100 native-socket: sockdom eq "AF_INET" and socktype eq "SO native-socket: sockdom eq "AF_INET" and socktype eq "SOCK 101 native-write: permit | native-connect: sockaddr match "inet-\\\[*\\\]:80" then p 102 > native-exit: permit 103
Indexes created Thu Sep 25 16:09:42 GMT 2025