| Hello Everyone, Bare with me, I am fairly new to SELinux policy writing. How do you write a rule to stop an application from accessing the root (/) directory? I am running Open Office (openoffice_exec_t) and whenever I open the open dialog (From the menubar, File -> Open) , on the top right of the open dialog, there are 3 buttons. The left most button is the "up one level" button. If you click and hold your mouse left button down on it, a sub menu appears and display a menu item called Workplace. If I click on it, it will bring you to root directory (/). I am trying to prevent that. I have a neverallow rule in my test.te: neverallow openoffice_exec_t root_t:dir { search }; However, it still transitions there after I touch /.autorelabel and reboot. Thanks. |
