On Wed, 23 Feb 2005 10:33:25 -0500, Colin Walters <walters@xxxxxxxxxx> wrote: > On Wed, 2005-02-23 at 09:49 -0500, Colin Walters wrote: > > >>I made a huge mess when I started hacking the policy sources in > >>FC2... > One other note - all my comments were relative to the rawhide targeted > policy (which in the case of httpd AFAIK isn't very divergent from FC3). > However I know the delta between FC2 and FC3 is larger, particularly due > to the strict->targeted transition, and it's quite possible there are > bugs there (such as the one you are encountering) which are fixed in > FC3. Upgrading very strongly recommended :) Yes, I'm happily running the targeted policy in FC3! I was alluding to my less then elegant attemtps to modify the strict policy in FC2. :) I fixed the problem with the aspell call by adding the following rules per Karsten's excellent writeup on making policy changes with a local.te: allow httpd_sys_script_t httpd_tmp_t:file read; allow httpd_sys_script_t httpd_tmp_t:file getattr; Thanks for your comments and suggestions... much appreciated! -Tom
