diff options
| -rw-r--r-- | blog/access-control.org | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/blog/access-control.org b/blog/access-control.org index 0a37efb..79e3039 100644 --- a/blog/access-control.org +++ b/blog/access-control.org @@ -236,6 +236,10 @@ Another example would be transitioning from one context to another when executin *** how do processes get typed With dssp5, processes will start in the ~sys.subj~ context which is basically unconfined and has access to everything. Processes change types via type transitions or with ~runcon~. We will go over type transitions a bit more later when we define the weechat module. +#+BEGIN_SRC + (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context +#+END_SRC + *** cil overview Cil is the language we will write policy in. It's a simple sexpr based language, with namespaces, types, typeattributes (metatypes), macros and templates. |