Re: [newbie] SELinux and the /srv directory
From: Daniel J Walsh (dwalsh_at_redhat.com)
Date: 08/17/05
- Previous message: David Niemi: "Re: Numlock as standard?"
- In reply to: Razvan Sandu: "Re: Re: [newbie] SELinux and the /srv directory"
- Maybe reply: Razvan Sandu: "Re: Re: [newbie] SELinux and the /srv directory"
- Reply: Paul Howarth: "Re: [newbie] SELinux and the /srv directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 16 Aug 2005 21:36:28 -0400 To: Razvan Sandu <rsandu@softhome.net>, For users of Fedora Core releases <fedora-list@redhat.com>
Razvan Sandu wrote:
> Hello,
>
>
> Thanks to all of you for your responses about /srv !
>
> Just one more detail, to be precise:
> I don't want those files to be read/written by *anyone* (i.e.
> anonymously), but just one predefined
> group of users (/srv/project has sgid to that group, etc.).
>
> Should I still use the booleans you've mentioned ?
>
> Is there a piece of doc that contains a complete list of those SELinux
> booleans, with detalied explanations about each one, in order to do
> various such customizations ?
>
No, not yet. They are somewhat explained in ftpd_selinux.8. Having
only one group access them is a DAC requirement. MAC will protect the
files from other processes.
>
> Thanks again,
> Razvan
> --
> Dipl. Eng. Razvan SANDU <rsandu @ softhome.net>
> Bucharest, Romania
>
>
>
-- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: David Niemi: "Re: Numlock as standard?"
- In reply to: Razvan Sandu: "Re: Re: [newbie] SELinux and the /srv directory"
- Maybe reply: Razvan Sandu: "Re: Re: [newbie] SELinux and the /srv directory"
- Reply: Paul Howarth: "Re: [newbie] SELinux and the /srv directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
