Improved description

author: Sven Vermeulen <sven.vermeulen@siphos.be> 2011-08-16 23:10:27 +0000
committer: Sven Vermeulen <sven.vermeulen@siphos.be> 2011-08-16 23:10:27 +0000
commit: 401037505e74fd2ba673bd5c185a6e5551e7e8ba (patch)
tree: 747f6c264302ae1e4314352cdc081adb408bb47e /txt
parent: Try to keep track of good naming conventions (diff)
download: hardened-docs-401037505e74fd2ba673bd5c185a6e5551e7e8ba.tar.gz
hardened-docs-401037505e74fd2ba673bd5c185a6e5551e7e8ba.tar.bz2
hardened-docs-401037505e74fd2ba673bd5c185a6e5551e7e8ba.zip
1 files changed, 2 insertions, 3 deletions
diff --git a/txt/selinux-naming b/txt/selinux-naming
index ea12ccf..972ed77 100644
--- a/txt/selinux-naming
+++ b/txt/selinux-naming
@@ -2,9 +2,8 @@ Quick excerpts from #selinux
 
 Interface naming
   _domtrans is internal, only allows domain transition
-  _run is for root (system administrative) support, like
-    shutdown_run(sysadm_r, sysadm_t)
-  _role is for applications, like
+  _run was for root support, but basically nothing more than domtrans + access
+  _role is a more elaborate version, including resource access, like
     mozilla_role(staff_r, staff_t)
   _admin is to allow administration of a domain, including transitioning through the labeled init scripts, like
     postfix_admin(sysadm_r, sysadm_t)
author	Sven Vermeulen <sven.vermeulen@siphos.be>	2011-08-16 23:10:27 +0000
committer	Sven Vermeulen <sven.vermeulen@siphos.be>	2011-08-16 23:10:27 +0000
commit	401037505e74fd2ba673bd5c185a6e5551e7e8ba (patch)
tree	747f6c264302ae1e4314352cdc081adb408bb47e /txt
parent	Try to keep track of good naming conventions (diff)
download	hardened-docs-401037505e74fd2ba673bd5c185a6e5551e7e8ba.tar.gz hardened-docs-401037505e74fd2ba673bd5c185a6e5551e7e8ba.tar.bz2 hardened-docs-401037505e74fd2ba673bd5c185a6e5551e7e8ba.zip