-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
how are unix domain sockets handeled regarding the default context?
Please comment on the following statement or fill my gaps:
a. Processes inherit the label of their parent, except for the init
process which gets the label of the kernel sid
b. Ext{2-4} files/directories get the label of their parent directory.
Root (/) gets its label from the file system context (fs_use) on creation.
c. Inet sockets get the label specified with the portcon statement or
the context of kernel sid (?)
d. Unix domain sockets are split in 2 parts: the socket file is treated
as b. The socket object gets the label of the kernel sid (?) Is there a
way to define the context of a unix domain socket object? The only way I
can see would be to define a transition.
Explanations and clarification much appreciated.
Martin.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJOEeU0AAoJEGpTkDITRjmo14EIAJstcDIklJK8ZSRz+4nGqd+s
VWtrbzE71RXuSnWJZZo77Hx2Fs4jqh5dEKED6gJdiVE/5yQb5VskQ+b6wFHj9q87
IKihqGioZiP1rLDer5Wyhv/ZgJ7uhJab5j6xNlRgSy8JphQVyG+7piJIkbX2ui3q
TSC8vh55WQe2jqvtznXbWlbxDv924t+rJC3suNCIn5dvTFv2zfmMwTRfzp7ItZYM
93h3ZWlq2faYPhHE3eP68VmLUINzW20hRhIl2J4aIqzewa3x27zPg+0yJ1T6ghrV
E2NgH+eH5LyFZ6ddqMGlnu18VGuGfsSwMMCz7/ideiEJpYCXZNGDsaE7X9e5U/Y=
=wEgh
-----END PGP SIGNATURE-----
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
