--
Patrick K. Kashi, PhD
CTO
On 4/7/2014 7:54 AM, Stephen Smalley wrote:
On 04/07/2014 05:24 AM, dE wrote:
Hi!
Sorry for the trival question; but on reading various SELinux resources,
it appears everyone talks about some 'domain' but no one defines what is
it.
So I wanna what what is a domain in SELinux.
See:
http://www.nsa.gov/research/_files/selinux/papers/policy2/x86.shtml
The definition of the term "domain" in "Type Enforcement model" is
security context and attributes assigned to a process BUT not
necessarily in SELinux:
SELinux internally won't care about domain, it uses type for that matter.
Would you mind to correct me, if I'm wrong?
above document asserts:
QUOTE:
" ... Although the example TE configuration often uses the term domain
when referring to the type of a process,
the SELinux TE model does not internally distinguish domains from types."
UNQOUTE
Best regards,
Patrick K.
