Overriding the default SELinux policies
by Sven Vermeulen, post on Wed 15 May 2013Extending SELinux policies with additional rules is easy. As SELinux uses a deny by default approach, all you need to do is to create a policy module that contains the additional (allow) rules, load that and you're all set. But what if you want to remove some rules?
Well, sadly …