I want to achieve the result that just allow jd process to open and read
For this target, I add some rules in policy file.
And after that, I want to verify my policy. So, I create a test.c to read
/data/audit/log/audit.log. Using gcc to build the test.c to executable
test.The file test.c and test is in /home/pengfei.
My modify policy are as follows:
add new type in file.te
type sec_file, file_type, data_file_type;
type jd_exec, file_type;
add the contexts in the file_contexts
/data/audit/log/audit.log       u:object_r:sec_file:s0
/home/pengfei/test             u:object_r:jd_exec:s0
add rule in jd.te
allow jd sec_file:file {read, open };
allow jd  jd_exec:file rx_file_perms;
How can I verify my policy? Can I create a executable file to imitate jd.
How to assign the  conte

Please help me. Thanks advance.
Seandroid-list mailing list
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 

Reply via email to