On Fri, Sep 07, 2007 at 08:40:20 -0400, Eric Paris <eparis@xxxxxxxxxx> wrote: > On Fri, 2007-09-07 at 10:04 +0200, "Stanisław T. Findeisen" wrote: > > Please tell me if the following is correct about resource access in SELinux: > > > > (1) everything is denied by default > > (2) administrator can add "allow" rules > > (3) SO, there is nothing about "rule chains", like in iptables. There is > > just rule SET. In other words, order of rules is not significant. > > I'm going to have to go with, True. There is ordering in the file_contexts file used for relabelling. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
