-
Stephen Smalley authored
This ensures that only domains that are explicitly allowed executable memory permissions are granted them. Unconfined domains retain full write + execute access to all file types. A further change could possibly restrict execute access to a subset of file types, e.g. system_file + exec_type. Change-Id: I842f5a2ac5921cc2bd0ab23a091eb808fdd89565 Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov>
4e416ea4
