Confining a Mono Application Using SELinux

Benjy Grogan benjy.grogan at
Sat Apr 15 02:24:36 UTC 2006


I'm trying to take a mono app from Extras and confine it using
SELinux.  At the moment it runs in the security context
user_u:system_r:mono_t.  I would like to create my own security
context and run the mono app in that one.

I've followed all the instructions at
<> on 'How can I help
write policy?' but it's useless if I don't have a domain for my

I have read that you need to install the security contexts (as an rpm)
before installing the rpm of the mono application.  So I'm assuming
that work has to be done to create a domain for the mono application,
and then the mono application has to be forced to install in this

I'm not sure what makes an application run in the mono_t security
context to begin with, and how would I go about changing that?


More information about the fedora-selinux-list mailing list