On Thu, 2004-10-07 at 10:25, Chris Adams wrote: > Lots of web users use FTP to upload files. FTP has a chmod command; it > does not have commands to alter SELinux labels (and even if such > commands were added, you aren't liable to get WSFTP and such to change > just to support a few Linux servers). > > Not all users have shell access either. If they upload to the right location in the first place, then they likely won't have a problem - the new files will inherit the security context of the parent directory. It is only when they upload to a location with different protection defaults and then move to the new location. Even copying would work fine, as noted, as it doesn't preserve protections by default unless you specify the corresponding option. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
