On Fri, Sep 07, 2007 at 08:40:20 -0400, Eric Paris eparis@redhat.com wrote:
On Fri, 2007-09-07 at 10:04 +0200, "Stanisław T. Findeisen" wrote:
Please tell me if the following is correct about resource access in SELinux:
(1) everything is denied by default (2) administrator can add "allow" rules (3) SO, there is nothing about "rule chains", like in iptables. There is just rule SET. In other words, order of rules is not significant.
I'm going to have to go with, True.
There is ordering in the file_contexts file used for relabelling.