Re: DAV

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Development discussions related to Fedora Core <fedora-devel-list@xxxxxxxxxx>
Subject: Re: DAV
From: Alan Cox <alan@xxxxxxxxxx>
Date: Thu, 7 Oct 2004 12:51:36 -0400
In-reply-to: <20041007164138.GB6445@redhat.com>
List-archive: </archives/fedora-devel-list>
List-help: <mailto:fedora-devel-list-request@redhat.com?subject=help>
List-id: Development discussions related to Fedora Core <fedora-devel-list.redhat.com>
List-post: <mailto:fedora-devel-list@redhat.com>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-devel-list>, <mailto:fedora-devel-list-request@redhat.com?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-devel-list>, <mailto:fedora-devel-list-request@redhat.com?subject=unsubscribe>
References: <1097105063.4711.37.camel@ws.1sttier.net> <1097133615.2789.12.camel@laptop.fenrus.com> <1097154001.13339.24.camel@moss-spartans.epoch.ncsc.mil> <20041007142526.GC1411660@hiwaay.net> <20041007144403.GA1073@osiris.silug.org> <41655831.4040908@math.unl.edu> <20041007154910.GA27709@redhat.com> <20041007155727.GA12649@devserv.devel.redhat.com> <20041007164138.GB6445@redhat.com>
Reply-to: Development discussions related to Fedora Core <fedora-devel-list@xxxxxxxxxx>
User-agent: Mutt/1.4.1i

On Thu, Oct 07, 2004 at 05:41:38PM +0100, Joe Orton wrote:
> > Your apache needs to have setfsuid rights, that is all
> 
> Are you talking about capabilities or SELinux policy there?  Does the
> capability bit not then allow children to setfsuid(0) and write files as
> root?

You have control over how its inherited depending on whether you admit to
being capability aware or not. In the sane case you'd turn it off when 
execing just as you make sure files all get closed.

Alan

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- Re: DAV
  - From: Joe Orton

References:
- SELinux should be off by default in FC3
  - From: Nathan Grennan
- Re: SELinux should be off by default in FC3
  - From: Arjan van de Ven
- Re: SELinux should be off by default in FC3
  - From: Stephen Smalley
- Re: SELinux should be off by default in FC3
  - From: Chris Adams
- Re: SELinux should be off by default in FC3
  - From: Steven Pritchard
- Re: DAV
  - From: Rex Dieter
- Re: DAV
  - From: Joe Orton
- Re: DAV
  - From: Alan Cox
- Re: DAV
  - From: Joe Orton

Prev by Date: Re: SRPM's and determining spec file
Next by Date: Re: SRPM's and determining spec file
Previous by thread: Re: DAV
Next by thread: Re: DAV
Index(es):
- Date
- Thread

[Index of Archives] [Fedora Announce] [Fedora Kernel] [Fedora Testing] [Fedora Formulas] [Fedora PHP Devel] [Kernel Development] [Fedora Legacy] [Fedora Maintainers] [Fedora Desktop] [PAM] [Red Hat Development] [Gimp] [Yosemite News]