Paul Howarth wrote:
On Tue, 2005-07-19 at 13:12 +0200, Nicklas Norling wrote:
I would encourage a boolean for shared data location. I think labeling a
folder and it's subcontent with a specific label and then have different
services be able to use it might be a start. That way I could disallow
smb the rights but allow ftpd and httpd (as an example). I think that
would be a great improvment from my point of view.
I think this is a great idea. I have a file server at home where I stick
all the software I've downloaded, some for Linux and some for Windows.
The Windows box accesses the area using samba and Linux uses httpd as
I've set up a local yum repo for the Linux software. So in Niklas' idea
I'd be enabling httpd and smb for this and not ftp.
This type might be a good one to use for everything under /srv...
Paul.
Ok. I am allowing ftpd, samba, apache and/or apache scripts, rsync to
read ftpd_anon_t.
So if you want files shared by these services, you can change the
context to ftpd_anon_t.
--
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
