What is the secutity separation on the files than. Can you give me an more definition of what these files are.
Are you trying to allow a file to be created and depending on its name, it can be shared by a confined service?
You have not explained what your security goal is.
i´ll try to explain.
I have a big directory with thousands of files. All of this files match a pattern in the file name (files that don´t match don´t mind). What I want is that when a new file is created, the users or groups that can access the file are already fixed (is like putting g+s to a directory and all the files created have the directory group)
Look at this: "
In addition to being one of the most mature and scalable security monitors in computing, it has some interesting features that are not often found in Microsoft Windows or Unix environments. It can, for example, set permissions for file patterns — that is, set the permissions even for files that do not yet exist"
is this possible to simulate with SELinux or am I totally wrong?
I hope now it will clearer
Greetings and thaks for your answers
ESG