selinux-refpolicy/refpolicy/policy/modules/system/domain.te

18 lines
398 B
Plaintext

# Copyright (C) 2005 Tresys Technology, LLC
# Mark process types as domains
attribute domain;
# processes started by init itself
attribute init_domain;
attribute init_domain_entry;
# processes started by init scripts
attribute daemon_domain;
attribute daemon_domain_entry;
# widely-inheritable file descriptors
attribute privfd;
neverallow domain ~domain:process { transition dyntransition };