Desktop apps interoperability

Stephen Smalley sds at
Mon Mar 28 13:43:39 UTC 2005

On Sun, 2005-03-27 at 23:57 -0500, Ivan Gyurdiev wrote:
> Fundamentally, what I want to know is:
> 1) Do desktop apps need to be confined? Is it a good idea to confine
> them?


> 2) If so, a shared data type is needed for interoperability. 
> Is ROLE_home_t acceptable for that purpose.

A shared data type may be fine, but ROLE_home_t isn't what you want to
use.  And yes, separating settings from data is useful, and yes,
littering user's top-level home directories with application settings
considered harmful. 

Stephen Smalley <sds at>
National Security Agency

More information about the fedora-selinux-list mailing list