SELinux Policy/Flask Classes from scratch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,
   Let me apologize if this is the wrong place to ask this question, but I figure that those well versed in SELinux can help me.  I have been reading a ton about SELinux and Flask, and I haven't found anything that answered my question.

  I am working on creating a security policy from scratch and followed the tutorial the IBM published (http://www-128.ibm.com/developerworks/linux/library/l-selinux.html ).   After taking a look at the bare bones policy.conf file it generated, it got me thinking-  I don't need to have something as granular as SELinux allows me to be.  In fact it would simplify things if I could change the granularity.  How would SELinux be affected if I were to remove some of the class definitions and took anything that referred to those classes out of my policy?  Would SELinux just not enforce anything on those types of objects, would SELinux completely disallow all use of those objects or would it just break SELinux? 


Thank you for your time and help,
Rebecca


--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux