Re: SELinux & apache/httpd access to /home/*/www

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Fedora SELinux support list for users & developers." <fedora-selinux-list@xxxxxxxxxx>
Subject: Re: SELinux & apache/httpd access to /home/*/www
From: Stephen Smalley <sds@xxxxxxxxxxxxxx>
Date: Fri, 17 Sep 2004 08:49:16 -0400
In-reply-to: <414AD5CF.8010901@donut.dk>
List-archive: </archives/fedora-selinux-list>
List-help: <mailto:fedora-selinux-list-request@redhat.com?subject=help>
List-id: "Fedora SELinux support list for users & developers." <fedora-selinux-list.redhat.com>
List-post: <mailto:fedora-selinux-list@redhat.com>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-selinux-list>, <mailto:fedora-selinux-list-request@redhat.com?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-selinux-list>, <mailto:fedora-selinux-list-request@redhat.com?subject=unsubscribe>
Organization: National Security Agency
References: <41483679.9020503@donut.dk> <4148585D.80204@redhat.com> <414A2D4E.8090004@donut.dk> <414ACB14.9050007@redhat.com> <414AD5CF.8010901@donut.dk>
Reply-to: "Fedora SELinux support list for users & developers." <fedora-selinux-list@xxxxxxxxxx>

On Fri, 2004-09-17 at 08:17, Cream[DONut] wrote:
> could it be this one missing?
> 
> allow httpd_t home_root_t:dir { read };

It should only require search permission to home_root_t and
user_home_dir_t in order to lookup /home/<username>/www, and then have
read permission to httpd_user_content_t.  Naturally, someone (Dan,
Russell, me, whoever) should verify that, but in the past, that was
sufficient.

-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

Follow-Ups:
- Re: SELinux & apache/httpd access to /home/*/www
  - From: Stephen Smalley

References:
- SELinux & apache/httpd access to /home/*/www
  - From: Cream[DONut]
- Re: SELinux & apache/httpd access to /home/*/www
  - From: Daniel J Walsh
- Re: SELinux & apache/httpd access to /home/*/www
  - From: Cream[DONut]
- Re: SELinux & apache/httpd access to /home/*/www
  - From: Daniel J Walsh
- Re: SELinux & apache/httpd access to /home/*/www
  - From: Cream[DONut]

Prev by Date: Re: SELinux & apache/httpd access to /home/*/www
Next by Date: Re: cups, /dev/fd
Previous by thread: Re: SELinux & apache/httpd access to /home/*/www
Next by thread: Re: SELinux & apache/httpd access to /home/*/www
Index(es):
- Date
- Thread

[Index of Archives] [Fedora Users] [Fedora Desktop] [Big List of Linux Books] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]