Describe the differences and uses between a policy binary file (for example, policy.19) and a complete policy source file (policy.conf).
2.
Describe the primary differences between a strict and targeted policy.
3.
Describe the difference between the policy source modules in ./domains/program/ and the file context modules in ./file_contexts/program/. What is in each and why?
4.
In the policy module for ping shown in Listing 11-1, examine the statements at lines 11 and 39. What is the difference between these two forms of "if"?
5.
Examine lines 19 and 20 in Listing 11-1. Locate where both of these macros are defined.
6.
Examine lines 19 and 20 in Listing 11-1. Locate where both of these macros are defined.
7.
Examine the usage and implementation of two network macros from Question 5. Notice that the implementation of the can_resolve macro that we use in line 20 calls the can_network_client macro. In line 19, we also separately invoke the can_network_client macro. Now examine the implementations of both of these macros. Is the invocation of can_network_client on line 19 redundant given that the can_resolve macros also invokes it? Explain your conclusion.