On Thu, 2014-01-09 at 19:23 -0500, Paul Moore wrote:
>
> Don't forget that a sid, including the initial sids, represents a full
> label/context.
>
Yes sorry, I will try to keep that in mind.
I use the terminology a bit different since i do not look at it from a
code perspective.
To me a sid is just what the name suggests: a security identifier.
user_u -> identity security identifier
role_r -> role security identifier
type_t -> type security identifier
s0 -> sensitivity security identifier
c0 -> compartment security identifier
I guess from that perspective i would probably also refer to for example
traditional uids as sids.
uid=1000(joe)
key/value pairs, were the key ("uid") is a security attribute and the
value (1000/(joe)) is a/are security identifier(s)
I know its probably technically incorrect. I have the same thing with
the term domain.
I use that term in a different context than everyone else. What you call
a domain i call a domain type.
To me a particular domain encapsulates all rules associated with a
particular domain type
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
