Horde Application Suite and SELinux...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi folks!

I've just installed the php based Horde Application Suite
(http://horde.org) on a Fedora Core 3. Everything is working great
with the targeted policy and SELinux enabled except for a small
problem with spell checking in the Imp webmail app.

The spell checker passes the text to aspell using a temporary file in
/tmp. The targeted policy prohibits "http scripts" from using the /tmp
directory... so aspell runs but doesn't return any results. If I
disable SELinux, it works fine... but since this server will be
running in a hostile environment, I'd rather not.  I could also add:

allow httpd_sys_script_t httpd_tmp_t:file { getattr read };

... to the targeted policy, but I'd prefer not modify it or open this
directory up to other less trustworthy scripts that may eventually run
on the system.

I've thought about creating a separate directory and rule for this app
and operation... but I can't help but wonder if there's better
approach for resolving this problem? Any suggestions would be greatly
appreciated!

Thanks,

-Tom


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux