.pp files

[Salvo Danilo Giuffrida]

Thanks a lot for the answer. I have another question, please: Where can I 
find the list of all the object classes (file, dir, netif, etc...), and the 
operations associated to each one of them?
Thanks a lot

>From: Stephen Smalley <sds at tycho.nsa.gov>
>To: Salvo Giuffrida <giuffsalvo at hotmail.it>
>CC: sundaram at fedoraproject.org, fedora-selinux-list at redhat.com
>Subject: Re: .pp files
>Date: Wed, 20 Sep 2006 15:04:29 -0400
>
>On Tue, 2006-09-19 at 19:36 +0200, Salvo Giuffrida wrote:
> > So, what's now the role of the policy.number file in /etc/..../policy? 
>Can
> > one still use the "old way" of modifying the source, and recompile into 
>a
> > big binary file?
>
>The policy modules are linked together and expanded into a kernel binary
>policy image, which is then installed to that file for loading into the
>kernel.
>
>You don't absolutely have to use modular/managed policy, but doing so
>has definite benefits, and both users and package scriptlets are
>increasingly taking advantage of semodule and semanage for managing
>policy in a modular way and customizing certain policy settings, and the
>dependencies on it are only going to increase in the future as further
>management infrastructure is created.
>
>BTW, while the O'Reilly book predates the modular policy support
>(possibly they'll issue an updated edition sometime, I don't know),
>there is a newer SELinux book that includes discussion of policy modules
>by people involved in their development, see:
>http://selinuxnews.org/wp/index.php/2006/08/09/new-selinux-book-published/
>http://mentalrootkit.org/?p=10
>
> > Another thing, please: What's the "Object manager"?
>
>That's a term used in the Flask security architecture, which SELinux
>implements.  See:
>http://www.nsa.gov/selinux/papers/flask-abs.cfm
>
>--
>Stephen Smalley
>National Security Agency
>

_________________________________________________________________
Personalizza MSN Messenger con sfondi e fotografie! 
http://www.ilovemessenger.msn.it/