On Thu, 2013-10-10 at 09:59 +0200, Dominick Grift wrote:
On Thu, 2013-10-10 at 10:08 +1030, William Brown wrote:
corecmd_exec_bin(iotop_t)
miscfiles_read_localization(iotop_t)
files_read_etc_files(iotop_t)
domain_getsched_all_domains(iotop_t) domain_read_all_domains_state(iotop_t)
kernel_read_system_state(iotop_t) kernel_rw_unix_dgram_sockets(iotop_t)
userdom_use_user_terminals(iotop_t)
Also a minor nitpick about ordering of interface calls.
generally its this order:
kernel layer interface calls in aplhanumerical order ( except with calls to the kernel module on top of them)
system layer interface calls
constrib interface calls
see:
I'll read all your points, and fix up what you have suggested. Once done, If you don't mind I'll send the policy again for your to review.