base policy family

The base policy family consists of two call policies:

• grant

  Returns an "allowed" decision (KSS_GRANT).

• deny

  Returns a "denied" decision (KSS_DENY).

Policies of the base family do not have parameters or configurations.

The declaration of the base family and declaration of grant and deny aliases are in the following file:

/opt/KasperskyOS-StarterKit-<version>/sysroot-x86_64-pc-kos/include/kss/server/base.cfg

Example

security.cfg

...

#include "kss/server/base.cfg"

/* foo entity that is allowed to receive

messages but is not allowed to respond to them */

entity foo {

execute call main = grant;

receive in = grant;

send out = deny;

}

...

Page top