Hi,
How can the kernel distinguish objects in the system and objects in the
policy? I mean, how does the kernel know that this allow rule is correct
for /etc/passwd and not correct for /etc itself (as a dir):
allow httpd_t etc_t : file { ioctl read getattr lock open } ;
OK, it is written in the policy that it is a file, but it is only an
object class. Is it defined somewhere that object class 'file' is a file,
and object class 'dir' is a directory?
How can I create a new object class named foo, which will be used for
named_pipe?
Regards
--
Artur Szymczak | RHCE: 100-001-734 | CAcert Assurer
RHCA, RHCSS, RHCX, CLE11, CNI, UCP-1, UCI, Linux+, LPIC-2
GPG: C03A 385E 5C10 82C5 6564 C1E9 3D6A 616E B15D 122D
http://CodzienneChodzenieZBogiem.blogspot.com/