diff options
| author | John Turner <jturner.usa@gmail.com> | 2025-08-26 21:21:40 -0400 |
|---|---|---|
| committer | John Turner <jturner.usa@gmail.com> | 2025-08-26 21:21:40 -0400 |
| commit | 37a21e6c64695d3f64b9d68ee32d43345c9826ec (patch) | |
| tree | 89117c123a4c0aee0f2898049ff93a2cbaf5ff6b | |
| parent | 265bd27dc6186c309fb227b7787fb6ef1cbf7ae0 (diff) | |
| download | website-37a21e6c64695d3f64b9d68ee32d43345c9826ec.tar.gz | |
mention sidcontext
| -rw-r--r-- | blog/access-control.org | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/blog/access-control.org b/blog/access-control.org index 0a37efb..79e3039 100644 --- a/blog/access-control.org +++ b/blog/access-control.org @@ -236,6 +236,10 @@ Another example would be transitioning from one context to another when executin *** how do processes get typed With dssp5, processes will start in the ~sys.subj~ context which is basically unconfined and has access to everything. Processes change types via type transitions or with ~runcon~. We will go over type transitions a bit more later when we define the weechat module. +#+BEGIN_SRC + (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context +#+END_SRC + *** cil overview Cil is the language we will write policy in. It's a simple sexpr based language, with namespaces, types, typeattributes (metatypes), macros and templates. |