Hi, Recently, I’m working on SEAndroid for kk4.4. I found that some policy are confused in sepolicy/unconfineddomain.te. allow unconfineddomain domain:fd *; allow unconfineddomain domain:dir r_dir_perms; allow unconfineddomain domain:lnk_file r_file_perms; allow unconfineddomain domain:{ fifo_file file } rw_file_perms; I know sometimes object can be a domain. But when object is domain, should class be process ? In the examples above, the class are dir, lnk_file and file. How can this happen ? Does anyone know any scenario fit these situations ? Thanks. Sincerely Alan Xin |
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
