Giving domain to applications
To assign domain, we have to configure domain transitions.
SPDL has two elements to configure domain transition: domain_trans and program .
domain_trans is syntax to configure domain transition,
program is syntax for simplified configuration.
RBAC
SPDL supports RBAC. role and user elements do that.
Access control to file
allow/deny are SPDL elements that enables to configure
access control to normal files. allowdev exists for device
files, and allowtmp exists for temporally(dynamically
created) files.
Access control to network
allownet does this.
Access control to IPC
allowcom does access control to IPC and signal.
Access control to other privilege
Other important OS operations that is not restricted above can be
configured by allowpriv.
