On Thu, 17 Jul 2008, Daniel J Walsh wrote: > We have just added a new access called open. Before we had only > read/write. You could get read/write errors from open file descriptors > being passed around as explained above. useradd dwalsh > ~/myhome will > generate an Read/write avc. This is not some thing to worry about, > however if named suddenly got an "open" avc on user_home_t you know you > have a problem. Since named should never be opening files in the homedir. Btw, for those that missed it, I covered the new open perm here: http://james-morris.livejournal.com/31714.html One effect of this is that I think you could say it makes SELinux a lot more Unix-y. - James -- James Morris <jmorris@xxxxxxxxx> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
