
Re: Multiple contexts


On Wed, 2005-01-12 at 16:40, Stephen Bennett wrote:
> With only one type per file, it's possible to look at the policy and be
> certain (for example) that domain1 can't affect domain2 in any way,
> because there are no interactions allowed between the two, and the file
> types they can access don't overlap. If you allow multiple contexts per
> file, that ability goes out of the window, and you have to look at which
> files have multiple contexts and what contexts they are before you can
> figure out where information can and can't flow.
> 
> Of course I may be off here, and I may have missed more subtleties, but
> that's the problem I can see with multiple types per file. Someone
> correct me if I'm wrong here. :)

Thanks, another voice of reason...

-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency
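
The analysis described in the quoted message, sketched as an added example that is not part of the original thread and is not SELinux tooling: a reachability check over allow rules answers "can domain1 affect domain2?" from the policy alone when each file has one type, but changes once a file carries more than one type. The rule triples, type names and the `aliases` parameter (sets of types attached to the same file) are constructed assumptions.

```python
from collections import deque

# Constructed policy in the spirit of "allow domain type:file perm;" rules.
# All domain and type names are hypothetical.
ALLOW = [
    ("domain1_t", "d1_data_t", "read"),
    ("domain1_t", "d1_data_t", "write"),
    ("domain2_t", "d2_data_t", "read"),
    ("domain2_t", "d2_data_t", "write"),
]

def flow_edges(allow, aliases=()):
    """Build directed information-flow edges: writer -> type -> reader.

    aliases is an iterable of sets of types carried by one and the same file
    (the hypothetical multiple-contexts case). Data written under one type in
    a set is readable under every other type in that set.
    """
    edges = {}
    for domain, ftype, perm in allow:
        if perm == "write":
            edges.setdefault(domain, set()).add(ftype)
        elif perm == "read":
            edges.setdefault(ftype, set()).add(domain)
    for group in aliases:
        for a in group:
            for b in group:
                if a != b:
                    edges.setdefault(a, set()).add(b)
    return edges

def can_flow(allow, src, dst, aliases=()):
    """Breadth-first search: can information written by src reach dst?"""
    edges = flow_edges(allow, aliases)
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for nxt in edges.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

if __name__ == "__main__":
    print(can_flow(ALLOW, "domain1_t", "domain2_t"))
    print(can_flow(ALLOW, "domain1_t", "domain2_t", [{"d1_data_t", "d2_data_t"}]))
```

The first call needs only the rules; the second gives a different answer for the same rules, because the result now depends on which files carry which sets of types.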

