[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

selinux policy for encrypted files

Hi all

i want to write a policy for encrypted files.
In order to do this i created some new types which have the
name of the correspondent type used for non encrypted files,
with the prefix 'encrypted_'.
Then i need to define the policy for applications that need to
use these new types which is very similar to this defined
for original types, except that i want to take rules only
for the 'dir' and 'file' class.
What this the best way to define the policy? Do i have
to duplicate all required interfaces/templates or can i reuse
the existent code, for instance by adding a new parameter?

I will show an example of what i'm trying to define.

New type: encrypted_etc_t;

Example interface:

		type etc_t;

	allow $1 etc_t:dir list_dir_perms;

Added interface:

		type encrypted_etc_t;

	allow $1 encrypted_etc_t:dir list_dir_perms;
selinux mailing list

[Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Powered by Linux

  Web www.spinics.net