On Sun, 14 Mar 2004 17:36, Aleksey Nogin <aleksey@xxxxxxxxx> wrote:
> > Allowing an unlink of file_t files is probably OK, I'll add that to my
> > tree.
>
> Would it be a better idea to change how file_contexts marks files in
> /tmp and see whether that is sufficient?

Not all existing files in /tmp will be labeled by setfiles. The problem is that you have multiple users who may put files in /tmp, and determining which user is responsible for a particular file is inconvenient.

I guess we could have a program that looks at the UID of a file and then assigns it a type based on the role(s) that are permitted for the user whose name matches the UID. But this is ugly, and I expect that we will find cases of SETUID/SETGID programs creating files in /tmp that will cause problems with this if we try implementing it.

This is why we are looking at removing files from /tmp as part of a file system label.

-- 
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
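The UID-to-type heuristic sketched in the message above, written out as an added example so the objection to it is concrete. This is not code from the SELinux project or from the message's author, who rejects the approach; the seusers-style login mapping, the per-role tmp type table, the `user:role:type` context layout (no MLS range, as in 2004-era policy) and the constructed /tmp entries are all assumptions made here for illustration. The last constructed entry shows the failure mode the message anticipates: a file written by a SETUID-root helper on behalf of an unprivileged user is owned by UID 0, so the heuristic hands it the sysadm tmp type.

```python
"""Hypothetical /tmp relabel helper implementing the UID -> role -> tmp-type
heuristic discussed on the list.  Added example; not the SELinux project's
own code.  Mappings below are constructed assumptions, not policy values."""
import os
import pwd

# Constructed seusers-style mapping (login -> SELinux user), in the spirit of
# /etc/selinux/<policy>/seusers.  "__default__" covers logins not listed.
SEUSERS = {
    "root": "root",
    "alice": "staff_u",
    "bob": "user_u",
    "__default__": "user_u",
}

# Assumed role and per-role tmp type for each SELinux user.  Real values are
# whatever the loaded policy defines; these are illustrative only.
ROLE_TMP_TYPE = {
    "root": ("sysadm_r", "sysadm_tmp_t"),
    "staff_u": ("staff_r", "staff_tmp_t"),
    "user_u": ("user_r", "user_tmp_t"),
}


def uid_to_login(uid, passwd=None):
    """Map a numeric UID to a login name.  `passwd` is an optional
    {uid: login} table used instead of the real passwd database (tests)."""
    if passwd is not None:
        return passwd.get(uid)
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return None


def context_for_uid(uid, passwd=None):
    """Return the 'user:role:type' the heuristic would assign to a file
    owned by `uid`, or None when the UID has no login name at all."""
    login = uid_to_login(uid, passwd)
    if login is None:
        return None
    seuser = SEUSERS.get(login, SEUSERS["__default__"])
    if seuser not in ROLE_TMP_TYPE:
        return None
    role, tmp_type = ROLE_TMP_TYPE[seuser]
    return f"{seuser}:{role}:{tmp_type}"


def plan_relabel(entries, passwd=None):
    """entries: iterable of (path, owner_uid).  Returns a list of
    (path, new_context_or_None) without touching the filesystem."""
    return [(path, context_for_uid(uid, passwd)) for path, uid in entries]


def relabel_tmp(directory="/tmp", dry_run=True):
    """Walk `directory`, compute the heuristic context for each entry and,
    unless dry_run, write it to the security.selinux xattr (what chcon does;
    needs relabelfrom/relabelto in policy).  Returns the plan either way."""
    plan = []
    for name in os.listdir(directory):
        path = os.path.join(directory, name)
        ctx = context_for_uid(os.lstat(path).st_uid)
        plan.append((path, ctx))
        if ctx is not None and not dry_run:
            os.setxattr(path, "security.selinux", ctx.encode() + b"\0",
                        follow_symlinks=False)
    return plan


# Constructed sample: what a stale /tmp might hold after a reboot.  The last
# entry was written by a SETUID-root helper that bob ran; the file is owned by
# UID 0, so the UID heuristic labels it as sysadm's, not bob's.
SAMPLE_PASSWD = {0: "root", 1000: "alice", 1001: "bob", 1002: "carol"}
SAMPLE_TMP = [
    ("/tmp/alice-notes", 1000),
    ("/tmp/bob-scratch", 1001),
    ("/tmp/carol-unlisted", 1002),   # not in SEUSERS -> __default__
    ("/tmp/orphan-uid-4242", 4242),  # no passwd entry -> None
    ("/tmp/setuid-helper-output", 0),
]

if __name__ == "__main__":
    for path, ctx in plan_relabel(SAMPLE_TMP, SAMPLE_PASSWD):
        print(f"{path:28s} -> {ctx}")
```

Running it with the constructed sample prints one line per entry; `relabel_tmp()` defaults to a dry run so it only reports what it would set on a real /tmp, and flipping `dry_run=False` requires the relabel permissions that chcon itself needs.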