WEBVTT

00:01.530 --> 00:09.650
In a previous lesson I mentioned that in the context of processes types often referred to as domains.

00:10.140 --> 00:17.250
If you take a look here on my server if I go through and P.S. dash easy you can see we've got a special

00:17.250 --> 00:20.700
type called on confined T.

00:20.910 --> 00:29.790
This is a special domain for any process that doesn't have an SC Linux policy confining it to a specific

00:30.540 --> 00:31.550
domain.

00:31.650 --> 00:39.930
Process is in this domain are only subject to standout discretionary access controls.

00:39.930 --> 00:49.500
In the olden days a lot of processes run in this domain but that list of processes keeps getting smaller

00:49.530 --> 00:52.880
and smaller with each release of Red Hat.

00:53.070 --> 01:00.570
This days only use out processes and custom applications run on confined.

01:00.570 --> 01:08.880
Everything else gets targeted by policy and is confined to specific domain.

01:09.300 --> 01:15.900
All processes in this domain can mix and mingle with each other almost to save SC.

01:15.900 --> 01:24.240
Linux wasn't available on the system E for want to see the list of types available from the current

01:24.690 --> 01:26.770
policy.

01:26.770 --> 01:37.080
I can go ahead and SC info gash t e fi type this out to word count.

01:37.170 --> 01:49.950
Now you can see it has nearly 5000 types or domains on this machine used by the targeted policy to restrict

01:50.040 --> 01:53.040
objects use in type enforcement.