Stephen Smalley wrote:
On Thu, 2006-03-30 at 17:36 -0500, Daniel J Walsh wrote:
I have been informed that if you are running ldap-with-ssl you will need
these permissions.
So added to selinux-policy-2.2.28-3
Available in Rawhide tomorrow
On ftp://people.redhat.com/dwalsh/SELinux/Fedora Now
Will be back ported to FC5 soon.
Is this under a boolean? Allowing such wide ranging access to the cert
files is obviously not desirable in general...
Which should I put under a boolean?
grep -r miscfiles_read_cert .
./modules/apps/evolution.if: miscfiles_read_certs($1_evolution_server_t)
./modules/system/authlogin.if: miscfiles_read_certs($1_chkpwd_t)
./modules/system/authlogin.if: miscfiles_read_certs($1)
./modules/system/init.te:miscfiles_read_certs(initrc_t)
./modules/system/miscfiles.if:interface(`miscfiles_read_certs',`
./modules/admin/certwatch.te:miscfiles_read_certs(certwatch_t)
./modules/services/dbus.te:miscfiles_read_certs(system_dbusd_t)
./modules/services/cyrus.te:miscfiles_read_certs(cyrus_t)
./modules/services/fetchmail.te:miscfiles_read_certs(fetchmail_t)
./modules/services/dovecot.te:miscfiles_read_certs(dovecot_t)
./modules/services/nscd.te:miscfiles_read_certs(nscd_t)
./modules/services/ldap.te:miscfiles_read_certs(slapd_t)
./modules/services/automount.te:miscfiles_read_certs(automount_t)
./modules/services/postfix.if: miscfiles_read_certs(postfix_$1_t)
./modules/services/sasl.te:miscfiles_read_certs(saslauthd_t)
./modules/services/apache.te:miscfiles_read_certs(httpd_t)
./modules/services/squid.te:miscfiles_read_certs(squid_t)
I just added hal and automount?
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
