# Copyright (C) 2005 Tresys Technology, LLC

# Mark process types as domains
attribute domain;

# processes started by init itself
attribute init_domain;
attribute init_domain_entry;

# processes started by init scripts
attribute daemon_domain;
attribute daemon_domain_entry;

# widely-inheritable file descriptors
attribute privfd;

neverallow domain ~domain:process { transition dyntransition };