On Mon, 2005-03-28 at 19:27 +0100, Luke Kenneth Casson Leighton wrote: > ... question: in what ways do you ensure that a security-aware > compromised program is only allowed to create certain filetypes? In the same manner as with a security-unaware program; the domain must be allowed create permission to the file type via an allow rule. -- Stephen Smalley <sds@xxxxxxxxxxxxx> National Security Agency
