DAC (discretionary access control) vs. SELinux MAC dac_override operation dac_read_search operation daemon_base_domain macro daemon_core_rules macro daemon_domain macro daemon_sub_domain macro daemons starting with run_con command starting/controlling troubleshooting problems with date command dbus_client_domain type attribute Debian GNU/Linux demonstration system installing SELinux on Debian Sid Debian Woody decisions made by SELinux security servers default roles, assigning default_context_t type default_contexts file 2nd default_t type default_type file defense by layers principle defenses for hosts for networks Delete button (Seuserx window) demo systems for SELinux denial-of-service attacks destroy operation detecting intrusions devfile_class_set macro 2nd devfs_control_t type device- related types device.te file device_t type device_type type attribute devlog_t type devpts (pseudoterminal filesystem) devpts.te file devtty_t type dgram_socket_class_set macro 2nd dir (object security class) 2nd dir_file_class_set macro 2nd direct information flow analysis direct_sysadm_daemon macro 2nd 3rd directory tree for SELinux policy 2nd disabling SELinux at boot time discretionary access control (DAC) vs. SELinux MAC dmesg command dnl (do not list) prefix for comments 2nd 3rd 4th domain entry points domain transition analysis domain transitions domain type attribute domain_auto_trans macro 2nd 3rd Audit2allow utility and creating new domain domain_trans macro 2nd domains allowing access to existing domains creating new entering, using role statement protecting memory with role type declarations and security attributes transitioning to 2nd what files are related domains subdirectory 2nd files/subdirectories in dontaudit access vector 2nd conditional declarations and sample declaration dosfs_t type dri_device_t type Dwerryhouse, Paul