Similar question ... Is there an accepted configuration/policy that allows a system to perform as an interface between a non-labeled environment and one or more labeled environments?
Thanks, Doug -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Klaus Weidner Sent: Monday, August 21, 2006 5:40 PM To: Rodrigo Vivi Cc: [email protected] Subject: Re: [redhat-lspp] mls level to without classification On Mon, Aug 21, 2006 at 02:42:59PM -0300, Rodrigo Vivi wrote: > Is it possible to change the mls level of a file to "without classification" ? You can give it the "trusted object" attribute which will allow access without MLS restrictions (access will still be controlled by DAC/RBAC/TE). Look for "mls_trusted_object" entries in the refpolicy source for examples. For a quick&dirty hack, you could try labeling the file as "dev_null_t" which is such a trusted object in the default MLS config. -Klaus -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
