SELinux Policy/Flask Classes from scratch
bx
galaxy4sale at gmail.com
Fri Jan 26 17:18:01 UTC 2007
Hello,
Let me apologize if this is the wrong place to ask this question, but I
figure that those well versed in SELinux can help me. I have been reading a
ton about SELinux and Flask, and I haven't found anything that answered my
question.
I am working on creating a security policy from scratch and followed the
tutorial the IBM published (
http://www-128.ibm.com/developerworks/linux/library/l-selinux.html). After
taking a look at the bare bones policy.conf file it generated, it got me
thinking- I don't need to have something as granular as SELinux allows me
to be. In fact it would simplify things if I could change the granularity.
How would SELinux be affected if I were to remove some of the class
definitions and took anything that referred to those classes out of my
policy? Would SELinux just not enforce anything on those types of objects,
would SELinux completely disallow all use of those objects or would it just
break SELinux?
Thank you for your time and help,
Rebecca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20070126/3f3e4035/attachment.htm>
More information about the fedora-selinux-list
mailing list