init labeling question for targeted policy
Colin Walters
walters at redhat.com
Sat Nov 27 17:30:44 UTC 2004
On Sat, 2004-11-27 at 05:03 -0800, Karsten Wade wrote:
> init is started with the unconfined_t context? Was this behavior that
> changed between FC2 and FC3, or am I missing something fundamental here?
I think the distinction is just targeted vs. strict policy; FC2 didn't
have targeted. So basically everything just starts out as unconfined,
including the kernel, and then transitions happen for a few specific
domains like httpd_t. For strict policy, I think it's pretty much as
Russell described it. Does that answer your question?
More information about the fedora-selinux-list
mailing list