Create a unique type for the directory and the application. In the applications policy allow it access to only the directory type. However typically you do need read access to other file types to do things like load shared libraries. Ted On Mon, Nov 23, 2009 at 7:24 AM, Timothy L. Watt <tlwatt@xxxxxxxxxxxxxxxxxxxxx> wrote: > I am looking for a precise guide (how-to) on confining applications to > specific directories with SELinux; ex. confining a custom application > to its install directory. > > Thanks in advance. - Tim > > -- > Sent from my mobile device > > -- > This message was distributed to subscribers of the selinux mailing list. > If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with > the words "unsubscribe selinux" without quotes as the message. > -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
