Re: is "type poisoning" possible?


 



I think for this type of solution you should have a look at SELinux policy changing concepts. It supports migrating processes to different security levels depending on accessing different labeled files.

On Mon, Jul 18, 2011 at 4:15 PM, Zoltan Arnold NAGY <zoltan.arnold.nagy@xxxxxxxxx> wrote:
Hi,

I apologize in advance if my use of nomenclature is a bit sloppy. I'm
new to this. :)

Let's say I have a process with type P, but it needs a config file.

Is there a way to specify that if P accesses any file having a type Q, then
the process type should transition to T?

This would allow mitigating attacks where specific config changes are allowed
(but are always coupled with a relabeling to type Q), but we don't
trust the changer.
A side question would be how to force this relabeling to take place
automatically?

Thanks,
Zoltan




--
........................
MOHIT VERMA

