selinux-policy/refpolicy/policy/modules/system/domain.te

29 lines
676 B
Plaintext
Raw Normal View History

2005-04-20 19:07:16 +00:00
# Copyright (C) 2005 Tresys Technology, LLC
policy_module(domain,1.0)
2005-04-14 20:18:17 +00:00
# Mark process types as domains
attribute domain;
# entrypoint executables
attribute entry_type;
# processes started by init itself
attribute init_domain;
attribute init_domain_entry;
2005-05-05 17:44:11 +00:00
# short running processes started by init scripts,
# such as mount, usually for initializing the system
attribute system_domain;
attribute system_domain_entry;
# long running application processes started by
# init scripts, such as sshd
attribute daemon_domain;
attribute daemon_domain_entry;
# widely-inheritable file descriptors
attribute privfd;
2005-04-14 20:18:17 +00:00
neverallow domain ~domain:process { transition dyntransition };