Desktop apps interoperability

Stephen Smalley sds at
Mon Mar 28 18:23:39 UTC 2005

On Mon, 2005-03-28 at 19:27 +0100, Luke Kenneth Casson Leighton wrote:
>  ... question: in what ways do you ensure that a security-aware
>  compromised program is only allowed to create certain filetypes?

In the same manner as with a security-unaware program; the domain must
be allowed create permission to the file type via an allow rule.

Stephen Smalley <sds at>
National Security Agency

More information about the fedora-selinux-list mailing list