order of rules?

Bruno Wolff III bruno at wolff.to
Sat Sep 8 19:43:04 UTC 2007


On Fri, Sep 07, 2007 at 08:40:20 -0400,
  Eric Paris <eparis at redhat.com> wrote:
> On Fri, 2007-09-07 at 10:04 +0200, "Stanisław T. Findeisen" wrote:
> > Please tell me if the following is correct about resource access in SELinux:
> > 
> > (1) everything is denied by default
> > (2) administrator can add "allow" rules
> > (3) SO, there is nothing about "rule chains", like in iptables. There is 
> > just rule SET. In other words, order of rules is not significant.
> 
> I'm going to have to go with, True.

There is ordering in the file_contexts file used for relabelling.




More information about the fedora-selinux-list mailing list