Re: MCS and default labels

Stephen Smalley wrote:
> setfscreatecon(3) specifies a security context prior to file creation.

Thanks, this might make it doable in the svn server as an alternative.

> Any change would have to support either model (inherit from source
> context or inherit from target context), so logically it would be
> policy-driven.

It can also be derived as the least upper bound of both. If a c1-c1,c2
process creates a file in a c2 dir, it would make sense that the new file
is c1,c2.

Alternatively it could just use the default file context from policy.

> MLS gives you the same end result (the process would be labeled s0:c1
> and thus its files would get created as such).  

Maybe I am not seeing something after all. Suppose I use the full MLS
variant and give a user the labels c1,c2. How exactly would it happen
that in a c1 dir he would automatically create c1 files, and in a c1,c2
dir c1,c2 files?

> It isn't so odd then to recommend using something other than MCS.

It was meant in the context of the article you linked, where it is
stated that the goal of MCS is to be more acceptable than MLS for
the general userbase. And the contrast being that the first reply that was
given to me from various sources was 'don't use MCS, use MLS'.

Regards,
Michal Svoboda
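
The least-upper-bound rule suggested in the message above, worked through for the c1 process / c2 directory case. This is an added example, not part of the original message and not SELinux or libselinux code. The names `parse_level`, `dominates` and `derive_file_level` are hypothetical, levels are written with an explicit `s0` sensitivity, and the final check that the process's high level dominates the result is an assumption of the example.

```c
#include <stdint.h>
#include <stdlib.h>

/* MLS/MCS level; only c0..c63 handled (assumption of this sketch). */
struct level { unsigned sens; uint64_t cats; };

/* Parse "s0", "s0:c1,c2" or "s0:c1.c3" (dot = inclusive range); 0 on success. */
int parse_level(const char *s, struct level *out)
{
    char *end;
    out->cats = 0;
    if (*s != 's') return -1;
    out->sens = (unsigned)strtoul(s + 1, &end, 10);
    if (end == s + 1) return -1;
    if (*end == '\0') return 0;
    if (*end != ':') return -1;
    do {
        unsigned long lo, hi;
        s = end + 1;
        if (*s != 'c') return -1;
        lo = hi = strtoul(s + 1, &end, 10);
        if (end == s + 1) return -1;
        if (*end == '.') {
            s = end + 1;
            if (*s != 'c') return -1;
            hi = strtoul(s + 1, &end, 10);
            if (end == s + 1) return -1;
        }
        if (lo > hi || hi > 63) return -1;
        for (; lo <= hi; lo++) out->cats |= (uint64_t)1 << lo;
    } while (*end == ',');
    return *end == '\0' ? 0 : -1;
}

/* a dominates b: sensitivity at least as high, categories a superset. */
int dominates(struct level a, struct level b)
{
    return a.sens >= b.sens && (a.cats & b.cats) == b.cats;
}

/* Hypothetical helper: new file level = LUB(process low level, directory level),
 * rejected (-1) unless the process high level dominates the result. */
int derive_file_level(struct level lo, struct level hi, struct level dir,
                      struct level *out)
{
    out->sens = lo.sens > dir.sens ? lo.sens : dir.sens;
    out->cats = lo.cats | dir.cats;
    return dominates(hi, *out) ? 0 : -1;
}
```

With a process range of s0:c1-s0:c1,c2 and a directory at s0:c2, the derived level is s0:c1,c2; a directory at s0:c3 is rejected because the result would fall outside the process's range.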
