On Mon, Sep 13, 2010 at 06:29:29PM +0200, Roberto Sassu wrote:
Hi all
i'm investigating what types the domain user_t is allowed to execute, in particular those that don't belong to the exec_type attribute. I need more details about the attribute 'noxattrfs' and the type 'etc_t', more precisely in which circumstances they are executed by a regular user. Thanks in advance for replies.
Have you tried the seinfo and sesearch commands. Here are some examples:
sesearch -SC --allow -s user_t -t file_type -c file -p execute sesearch -SC --allow -s userdomain -t etc_t -c file sesearch -SC --allow -t exec_type
(man sesearch)
seinfo -x -aexec_type seinfo -x -tetc_t
(man seinfo)
Roberto Sassu
selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux