SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: Multiple contexts This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Luke Kenneth Casson Leighton <lkcl_at_lkcl.net> Date: Wed, 12 Jan 2005 19:07:58 +0000 On Wed, Jan 12, 2005 at 01:03:02PM -0500, Stephen Smalley wrote: > On Wed, 2005-01-12 at 13:18, Luke Kenneth Casson Leighton wrote: > > sorry. > > > > something simple: > > > > i am thinking along the lines of more than one file context being > > associated with a file - that sort of thing. > > > > and permission being checked and allowed on either of the contexts. > > I already explained why you don't want that - it puts the policy into > the filesystem state. there is of course the other scheme which achieves the same end-result, but using customised m4 macro-based programs to do it: this scheme has been raised before. namely, to have your apache.fc file and your customthing.fc file, and to "spew forth" a combined apache_customthing_filetype_t with some macro preprocessing. then your apache.fc is unmodified, it's clean, it can be verified, upgraded etc... l. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Wed 12 Jan 2005 - 13:57:30 EST This message: [ Message body ] Next message: petre rodan: "Re: SELinux with IPSec - something going on ?" Previous message: Daniel J Walsh: "[Fwd: New policy patch]" In reply to: Stephen Smalley: "Re: Multiple contexts" Next in thread: Stephen Smalley: "Re: Multiple contexts" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom