What’s the use of an object’s user and role in SELinux?
SELinux users determine the SELinux roles a process can assume, which in turn determines the domain (type) it can get into. However, objects are also labelled with user:role:type, and only the type part is used for type enforcement.
Say I … Continue reading What’s the use of an object’s user and role in SELinux?