Exercises


1. Declare a type named samba_t with the attribute domain and the alias smbd_t.

2. Create an allow rule that gives a process with the type samba_t read, write, and getattr access to files of type user_home_t.

3. Convert these allow rules into as few rules as possible:

    allow samba_t self : process *;
    allow samba_t user_homedir_t : dir { read getattr search };
    allow samba_t user_homedir_t : dir { write add_name };
    allow samba_t user_homedir_t : file { read getattr };
    allow samba_t user_home_t : file { write };

4. Write an access vector rule that will cause an audit message to be generated whenever a user's SSH key file, represented by the type user_ssh_key_t, is written.

5. Write a type_transition rule that will cause files of type sysadm_tmp_t to be created by default when processes of type sysadm_t create files in directories of type tmp_t.

6. Write a type_transition rule that will cause a domain transition to games_t to occur when processes of type user_t execute files of type games_exec_t.

7. Write the minimum allow rules required that will allow the type_transition rule from Exercise 6 to succeed.




SELinux by Example: Using Security Enhanced Linux
ISBN: 0131963694
EAN: 2147483647
Year: 2007
Pages: 154
