KaiGai Kohei wrote: > [2/3] thread-context-checkpolicy.1.patch > This patch add a new statement of TYPEDOMINATE for policy language. > > TYPEDOMINATE <parent type> <chile type> [, <child type> ...] ; > > It defines expilct hierarchical relationship between two types. > Existing name based hierarchy is dealt as TYPEDOMINATE is described > implicitly. I reconsidered that the statement should be replaced as follows, because "DOMINATE" is an associated term with MLS and roles/users also have name based hierarchy ideas now. HIERARCHY <parent type> TYPES <child type> [, <child type> ...]; HIERARCHY <parent role> ROLES <child role> [, <child role> ...]; HIERARCHY <parent user> USERS <child user> [, <child user> ...]; Thanks, -- OSS Platform Development Division, NEC KaiGai Kohei <kaigai@xxxxxxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
