On Mon, Sep 13, 2010 at 06:29:29PM +0200, Roberto Sassu wrote: > Hi all > > i'm investigating what types the domain user_t is allowed to execute, in > particular those that don't belong to the exec_type attribute. I need more > details about the attribute 'noxattrfs' and the type 'etc_t', more precisely > in which circumstances they are executed by a regular user. > Thanks in advance for replies. Have you tried the seinfo and sesearch commands. Here are some examples: sesearch -SC --allow -s user_t -t file_type -c file -p execute sesearch -SC --allow -s userdomain -t etc_t -c file sesearch -SC --allow -t exec_type (man sesearch) seinfo -x -aexec_type seinfo -x -tetc_t (man seinfo) > > Roberto Sassu > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
pgp610DfM2SM8.pgp
Description: PGP signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
