about a new policy file in SELinux!
Stephen Smalley
sds at epoch.ncsc.mil
Thu Aug 5 12:43:40 UTC 2004
On Wed, 2004-08-04 at 16:01, Sajed Miremadi wrote:
> Hi,
>
> I have asked this question several times before but haven't got the answer
> I really want.
> I'll ask it again but more clearly:
> Does anybody ever write a new policy file except those which is defult in
> selinux(I mean those in /etc/security/selinux/src/policy/domains/program).
> When I say a policy file I mean the files with ".te". For example there
> are some for "ping","innd","tcpdump" and ... .
> If someone has a .te file with this condition, I would be very glad if
> he/she could send me that.
Most of the .te files that are in the policy today were written from
scratch by external contributors and submitted on the NSA selinux
mailing list, then added to the example policy. Looking at a historical
snapshot of the example policy from early 2001, there were only 40 .te
files in it, compared to > 180 .te files now.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list