On Wed, 2004-08-04 at 16:01, Sajed Miremadi wrote: > Hi, > > I have asked this question several times before but haven't got the answer > I really want. > I'll ask it again but more clearly: > Does anybody ever write a new policy file except those which is defult in > selinux(I mean those in /etc/security/selinux/src/policy/domains/program). > When I say a policy file I mean the files with ".te". For example there > are some for "ping","innd","tcpdump" and ... . > If someone has a .te file with this condition, I would be very glad if > he/she could send me that. Most of the .te files that are in the policy today were written from scratch by external contributors and submitted on the NSA selinux mailing list, then added to the example policy. Looking at a historical snapshot of the example policy from early 2001, there were only 40 .te files in it, compared to > 180 .te files now. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
