AV rules

  • access vectors (AV) of the TE access matrix

  • 3 kinds of AV rules - allow, auditallow, dontaudit

  • define access rights between types

    allow sshd_t sshd_exec_t:file { read execute entrypoint };
    allow sshd_t sshd_tmp_t:file { create read write getattr setattr link unlink rename };
    allow sshd_t user_t:process transition;
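The following is an added example, not part of the original notes: a small Python model of the TE access matrix built from AV rules in the syntax shown above. It parses the three rule kinds and then answers the two questions the kernel's AVC answers for every access check: is the permission granted (only `allow` rules grant), and is the decision logged (`auditallow` logs a grant, `dontaudit` silences a denial). The policy text, including the added `auditallow` and `dontaudit` lines, is constructed for the example and is not taken from any real policy.

```python
import re
from collections import defaultdict

# Constructed sample policy: the three rules from the notes plus one
# auditallow and one dontaudit rule so every kind is exercised.
SAMPLE_POLICY = """
allow sshd_t sshd_exec_t:file { read execute entrypoint };
allow sshd_t sshd_tmp_t:file { create read write getattr setattr link unlink rename };
allow sshd_t user_t:process transition;
auditallow sshd_t sshd_tmp_t:file { unlink rename };
dontaudit sshd_t user_t:process getattr;
"""

# kind  source_type  target_type:class  perm | { perm perm ... } ;
RULE_RE = re.compile(
    r"^(allow|auditallow|dontaudit)\s+"      # rule kind
    r"([^\s:]+)\s+([^\s:]+):(\S+)\s+"         # source, target, object class
    r"(?:\{\s*([^}]*)\}|(\S+?))\s*;$"         # permission set or single permission
)


def parse_av_rules(text):
    """Build the access matrix: kind -> {(src, tgt, class): set(perms)}."""
    matrix = {k: defaultdict(set) for k in ("allow", "auditallow", "dontaudit")}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError(f"not an AV rule: {line!r}")
        kind, src, tgt, cls, multi, single = m.groups()
        perms = set(multi.split()) if multi is not None else {single}
        matrix[kind][(src, tgt, cls)] |= perms
    return matrix


def check_access(matrix, src, tgt, cls, perm):
    """Return (granted, audited) for one access request.

    granted: True only if an allow rule carries the permission.
    audited: a grant is logged only when auditallow lists the permission;
             a denial is logged unless dontaudit lists the permission.
    """
    key = (src, tgt, cls)
    granted = perm in matrix["allow"].get(key, set())
    if granted:
        audited = perm in matrix["auditallow"].get(key, set())
    else:
        audited = perm not in matrix["dontaudit"].get(key, set())
    return granted, audited


def granted_permissions(matrix, src, tgt, cls):
    """All permissions the allow rules grant for one matrix cell."""
    return sorted(matrix["allow"].get((src, tgt, cls), set()))


if __name__ == "__main__":
    m = parse_av_rules(SAMPLE_POLICY)
    for req in [("sshd_t", "sshd_exec_t", "file", "execute"),
                ("sshd_t", "sshd_tmp_t", "file", "unlink"),
                ("sshd_t", "user_t", "process", "getattr"),
                ("sshd_t", "user_t", "process", "signal")]:
        granted, audited = check_access(m, *req)
        print(f"{req}: granted={granted} audited={audited}")
```

Reading the four sample requests in order: a plain `allow` grants silently, an `allow` backed by `auditallow` grants and logs, a denial covered by `dontaudit` is silent, and a denial with no matching `dontaudit` is the ordinary logged AVC denial.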