Hello all!
I would like to ask you experts some details about how the policy is managed (stored and retrieved) by the security server.
If you can recommend some documentation where these topics are addressed in details I would be very grateful.
These are the ideas I (haven't) got while looking through the code.
If the needed policy rule is not present in the AVC, then it has to be retrieved by... the Access Vector Table (ss/avtab.h/c), right?
The avtab is a "simple" hash-table, where all rules are stored and searched through the key {ssid,tsid,obj_class} for the access vector. Is it correct?
What I expected was something faster to search... like a database...
On the other side, the policy should be stored in a binary policy file. So how is the set of rules retrieved from this binary file?
I also read about a policy database, that, as far as I understood is meant for configuration parameters only. It doesn't work as a rules repository, right?
I would be very thankful guys if you can help me understand this mechanism.
Thank you in advance.
Stefano
_________________________________________________________________
Con Windows Live, puoi organizzare, modificare e condividere le tue foto.
http://www.microsoft.com/italy/windows/windowslive/products/photo-gallery-edit.aspx
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
