From: dominick.grift@gmail.com (Dominick Grift)
Date: Wed, 23 Oct 2013 21:38:23 +0200
Subject: [refpolicy] I think we made a large mistake when we designed
 apache_content_template.
In-Reply-To: <52680DF1.3000700@redhat.com>
References: <52680DF1.3000700@redhat.com>
Message-ID: <1382557103.3041.120.camel@d30>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, 2013-10-23 at 13:57 -0400, Daniel J Walsh wrote:
> 	type httpd_$1_content_t; # customizable;

> 
> Then tools can look for all content which begins bugzilla and have the correct
> types drawn.

How about one teaches ones tool to use seinfo and sesearch instead?

Depending on the policy model it might not even be an issue to label
files with process type ( although i does not make sense to do it )

But its just a property of the policy you are using

People might have a policy implemented that has different properties,
and a meaningful tool would have the ability to determine
characteristics no matter what the policies properties are