Friday, January 28, 2011

In Linux, are ALL user permissions attached to an object?

If not, what would be an example of a non-object permission?

  • IIRC, in POSIX systems (of which Linux is one) the dictum "everything is a file" is very much the case. You can do direct memory access with the file-access API. So yes, there are permissions attached to all objects.

    blunders : @sysadmin1138 - Thanks, already randomly ran across your profile trying to troubleshoot some system errors on SX-meta, and am truly impressed with the depth of knowledge you have. Cheers!
    Vatine : Well, everything is a file, a semaphore, a message queue, a non-FS-attached shared memory segment or a socket (and sockets are pretty darned file-like, except they normally don't live in a file-like namespace).
  • Things such as SELinux permissions are not directly attached to the object, and must be inferred from the context attached to the object, the role of the current user, the domain of the current process, and the transitions given within the policy.
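The contrast drawn in the two answers above, as an added example that is not part of the original posts: the classic mode bits sit on the object and are enough to decide access, while SELinux stores only a label on the object (the `security.selinux` extended attribute) and leaves the decision to the policy. The function names are hypothetical, and the DAC check is a simplification that ignores ACLs and capabilities.

```python
import os
import stat

def parse_selinux_context(raw):
    """Split a label 'user:role:type[:level]' into its fields."""
    text = raw.rstrip(b"\x00").decode()
    # maxsplit=3 keeps an MLS level such as 's0:c0.c1023' in one piece
    user, role, type_, *level = text.split(":", 3)
    return {"user": user, "role": role, "type": type_,
            "level": level[0] if level else None}

def object_attributes(path):
    """Return what is stored on the object itself: mode bits, owner, label."""
    st = os.stat(path)
    attrs = {"mode": stat.filemode(st.st_mode), "uid": st.st_uid,
             "gid": st.st_gid, "selinux": None}
    getxattr = getattr(os, "getxattr", None)  # only available on Linux
    if getxattr is not None:
        try:
            raw = getxattr(path, "security.selinux")
            attrs["selinux"] = parse_selinux_context(raw)
        except (OSError, ValueError):
            pass  # no label, no xattr support, or an unparsable label
    return attrs

def dac_allows_read(st_mode, st_uid, st_gid, uid, gids):
    """Owner/group/other read check using only the object's own bits.

    Exactly one class applies, so an owner without the owner read bit
    is refused even when the group bits would allow the read.
    """
    if uid == st_uid:
        return bool(st_mode & stat.S_IRUSR)
    if st_gid in gids:
        return bool(st_mode & stat.S_IRGRP)
    return bool(st_mode & stat.S_IROTH)

if __name__ == "__main__":
    info = object_attributes("/etc/passwd")
    print("stored on the object:", info)
    # The label alone grants nothing: the type above is only an input to
    # the policy, together with the domain of the calling process.
    st = os.stat("/etc/passwd")
    print("DAC read for uid 1000 (constructed caller):",
          dac_allows_read(st.st_mode, st.st_uid, st.st_gid, 1000, {1000}))
```

On a system without SELinux the `selinux` field is `None`, while the mode, owner and group are always present.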
