Chapter 10. Handling SELinux-aware Applications
In this chapter, we will cover handling of SELinux-aware applications through the following recipes:
- Controlling D-Bus message flows
- Restricting service ownership
- Understanding udev's SELinux integration
- Using cron with SELinux
- Checking the SELinux state programmatically
- Querying SELinux userland configuration in C
- Interrogating the SELinux subsystem code-wise
- Running new processes in a new context
- Reading the context of a resource
Introduction
For most applications, the SELinux subsystem in the Linux kernel is capable of enforcing security controls without further interaction with other applications and components. However, there are actions that cannot be handled by the SELinux subsystem autonomously. Some ...
Get SELinux Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
