On Nov 22, 2016 02:58, "peng fei" <fionapeng...@gmail.com> wrote: > > R, S and T are type of files. > > The process a has domain A > in A.te > allow A S:file rw_perm; > allow A T:file rw_perm; > > The process b has domain B > in B.te > allow B S:file rw_perm; > allow B R:file rw_perm; > > Is this correct that domain A and domain B have the same permission to S ?
Yes > ------------------------------------------------------------------------------------------------------------- > The process a has domain A > in A.te > allow A S:file r_perm; > allow A T:file rw_perm; > > The process b has domain B > in B.te > allow B S:file rw_perm; > allow B R:file rw_perm; > Is this correct that domain A is granted to read S and domain B is granted to rw S ? > Is this correct that different domain must has disjoint permission set? There is no requirement. However sepolicy analyze will help you find equivalent types. > > > > _______________________________________________ > Seandroid-list mailing list > Seandroid-list@tycho.nsa.gov > To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. > To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.
_______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.