Chapter 4. Process Domains and File-level Access Controls
When we work on an SELinux-enabled system, gathering information about the contexts associated with the files and processes is extremely important. We also need to understand how these contexts are used in policies and what the applicable security rules are for a specific process.
In this chapter, we will:
Work with file contexts and learn where they are stored
Understand how contexts are assigned
Look at how processes get into the context they are in
Get our first taste of the SELinux policy and how we can query it
We end with another SELinux feature called constraints and how it is used to provide the user-based access control feature.
