Simplicity is a form of art...

How does foo_t get this privilege?
by Sven Vermeulen, post on Sun 05 January 2014

Today a question was raised how the unprivileged user domain user_t was allowed to write to cgroup_t files. There is nothing obvious about that in the roles/unprivuser.te file, so what gives?

I used a simple script (which I've been using for a while already) called seshowtree which presents …