Currently the policy file is loaded early in init, before any filesystems are mounted. This means that if their is a policy file in data/system that should be used instead of the on in the rootdir ramfs, and the data/system policy is ignored until you do a reload. I was wondering what the security implications are of loading the policy after the mount, or is it better just to do a setprop to reload policy in an on fs section of init.rc? -- Respectfully, William C Roberts -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
