Hi,
Lately I'm studying SELinux and got some questions which I want to be clear.
(1)I know SELinux is based on Flask architecture and I know where the SS is, but I'm not sure
where the OM locates, I guess the variable "security_ops" which belongs to LSM represents the OM, am I right?
(2)the struct "selinux_ops" in file hooks.c is declared as "static", why not add "const" qualifier so that
the it will be put in read-only data section in the kernel?
(3)Is there any way to hack the SELinux, I mean, to disable it on the fly? For example, replace the policy db with a
blank file so that any permission is allowed. Is it feasible?
Regards,
Yao
