19.2. Types

The main permission control method used in SELinux targeted policy to provide advanced process isolation is Type Enforcement. All files and processes are labeled with a type: types define a SELinux domain for processes and a SELinux type for files. SELinux policy rules define how types access each other, whether it be a domain accessing a type, or a domain accessing another domain. Access is only allowed if a specific SELinux policy rule exists that allows it.
The following types are used with CVS. Different types allow you to configure flexible access:
cvs_data_t
This type is used for data in a CVS repository. CVS can only gain full access to data if it has this type.
cvs_exec_t
This type is used for the /usr/bin/cvs binary.