Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRE: [RFC & PATCH] inherited type definition.
From: Karl MacMillan <kmacmillan_at_tresys.com>
Date: Mon, 21 Mar 2005 08:39:48 -0500
First, you missed the switch to the @ being required in order to inherit permissions through extends - making that syntax, as far as I can tell, the same as what you are suggesting. Next, my objection is that there is only one subset of permissions - there is no way to have user_ftp_t inherit one set of permissions from user_t and user_httpd_t inherit another set of permissions from user_t. My assertion is that this is ultimately too limiting and makes this syntax only useful for contrived examples. Karl
> --- Karl MacMillan Tresys Technology http://www.tresys.com (410) 290-1411 ext 134 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Mon 21 Mar 2005 - 08:39:53 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |