Closed stevegrubb closed 2 years ago
One attempt at organizing if here: https://github.com/linux-application-whitelisting/fapolicyd/issues/117#issuecomment-975940882
I like to propose the following organization:
10 - macros 20 - loop holes 30 - patterns 40 - ELF rules 50 - user/group access rules 60 - application access rules 70 - language rules 80 - trusted execute 90 - general open access to documents
I changed the order of 20 and 30, but otherwise it's the same as listed above. Closing this out.
With the rules.d directory code landing, we need to decompose the existing rules into their constituent policy goals. We need to come up with an organizing principle and then break up the rules. We need to create a README file for the rules.d source directory that explains how the rules are organized so that admins know where to place their own rules. It should be installed along side the sample rules in /usr/share.