FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor


 
 
LinkBack Thread Tools
 
Old 11-26-2007, 04:46 PM
"Clarkson, Mike R (US SSA)"
 
Default mls file level
When a process creates a file, by default the file has the same mls
level as the process. Is there a policy rule that can change the default
behavior? I'm looking for something similar to the range_transition rule
except that I want it to work for file level.

Thanks


--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 11-26-2007, 04:59 PM
Stephen Smalley
 
Default mls file level
On Mon, 2007-11-26 at 09:46 -0800, Clarkson, Mike R (US SSA) wrote:
> When a process creates a file, by default the file has the same mls
> level as the process. Is there a policy rule that can change the default
> behavior? I'm looking for something similar to the range_transition rule
> except that I want it to work for file level.

If your checkpolicy and kernel support policy version 21, then you can
define range_transition statements with class specifiers, ala:
range_transition <source types> <target types : <target classes> <new
range>;

--
Stephen Smalley
National Security Agency

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 01:30 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -