KaiGai Kohei wrote: > > Is this a known behavior? What is the sense in typebounding file types? > Yes, it is known. We had a similar discussion before: > http://marc.info/?l=selinux&m=126771862818496&w=2 I see. Unfortunately the selinux symposium pdf link at the end of the message is broken. Do you have another link to that file? I have also a few questions. Suppose that 1) dom_A bounds dom_B 2) file_A bounds file_B 3) dom_A has a set of rights S1 for file_A 4) dom_B has a set of rights S2 for file_B What is then the resulting masked set for dom_B wrt file_B? S1 cap S2? And does this principle (how?) extend to chained bounds (ie. A bounds B which in turn bounds C). And does it (semantically or otherwise) matter what kind of file_type the file_A is? For example, is 'typebound tmp_t file_B' the same as 'typebound http_user_data_t file_B'? Michal Svoboda
Attachment:
pgp5LP54JoCkq.pgp
Description: PGP signature
