Layer: kernel

Module: mcs

Interfaces

Description:

Multicategory security policy

This module is required to be included in all policies.


Interfaces:

mcs_killall( domain )
Summary

This domain is allowed to sigkill and sigstop all domains regardless of their MCS category set.

Parameters
Parameter:Description:
domain

Domain target for user exemption.

mcs_process_set_categories( domain )
Summary

Make specified domain MCS trusted for setting any category set for the processes it executes.

Parameters
Parameter:Description:
domain

Domain target for user exemption.

mcs_ptrace_all( domain )
Summary

This domain is allowed to ptrace all domains regardless of their MCS category set.

Parameters
Parameter:Description:
domain

Domain target for user exemption.

Return