On Mon, 2004-04-05 at 11:01, Konstantin Ryabitsev wrote: > seth vidal wrote: > > instead of checking perms on each run to see if the user can write to > > the cache dir, just skip it if ther user is not root. > > This is probably a behavior that might need to change with all that > SELinux stuff coming along. Pretty painful, I'm sure, as selinux has > been so far. :) I'm not convinced that putting in selinux checks is 1. reasonable 2. palatable at this point. I'm also pretty sure that making the cache writable by someone who is not sysadm_t is a security issue of some kind. -sv
