[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
writing a policy. Confused about domain transition.
- From: yiruli ccsl carleton ca
- To: fedora-selinux-list redhat com
- Subject: writing a policy. Confused about domain transition.
- Date: Sat, 19 Jul 2008 15:26:55 -0400
Hi,
I am practising to write a policy for a music player called soundjuicer.
Policy Tool I used: selinux-polgengui
The beginning part of soundjuicer1.te is as follows:
----------------------------------------------------
type soundjuicer1_t;
type soundjuicer1_exec_t;
application_domain(soundjuicer1_t, soundjuicer1_exec_t)
role user_r types soundjuicer1_t;
.....
-------------------------------------------------------
The context of login id is (id -Z):
user_u:user_r:user_t
I loaded the module. And then I run the music player both from
terminal and GUI. I checked the context of the soundjuicer process.
The context of the process is : user_u:user_r:user_t
Question:
With the context for the process, user_u:user_r:user_t, can I say that
the security policy for the program is not being enforced, because of
the failure of domain transition?
Should the context of the process be: user_u:user_r:soundjuicer1_t?
thanks
Yiru Li
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]