[Clip] Unexpected role change from custom role back to user_r
Stephen Smalley
sds at tycho.nsa.gov
Wed May 27 14:47:25 CDT 2009
On Wed, 2009-05-27 at 12:44 -0700, West, Gary-P55389 wrote:
> System is mls
> System is currently in permissive mode
> Policy is modular but all modules are in the base policy
>
> Files changed with custom role:
>
> src/config/appconfig-mls/default_type --------------------
> app_pso_r:app_pso_t
>
> src/config/appconfig-mls/default_contexts ----------------
> system_r:xdm_t:s0 user_r:user_t:s0 staff_r:staff_t:s0
> sysadm_r:sysadm_t:s0 unconfined_r:unconfined_t:s0 app_pso_r:app_pso_t:s0
Doesn't this cause you to still default to user_r (if the user is
authorized for both user_r and app_pso_r), since user_r is listed first?
--
Stephen Smalley
National Security Agency
More information about the Clip
mailing list