Hi, What is the recommended way to add more exceptions for an "neverallow" rule given that I don't want to touch the default policy file?
The use case is that for example domain.te contains a lot of neverallow rules with some exceptions for the system daemons that are considered trusted to perform the defined operation. So, if somebody happen to add one more daemon that should belong to the exception list, what is the way to do it apart from either adding it to the existing domain.te or creating a full copy of domain.te, modifying it to contain the addition and then building the policy using this newly created domain.te? I don't think both methods are very flexible and scale well. What is really needed is a way to create a union on the list of neverallow rule exceptions. Best Regards, Elena.
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
