Hi, I'm new to RH5.x/SELinux. I have a simple PHP script which will call passthru() or exec() to invoke "/bin/ls" or other external commands to do some taskes. The SELinux (targeted policy) deny the action by default. Following the message in sealert which ask me to relabel /bin/ls to allow httpd to invoke /bin/ls from my PHP (ls.php) ... well, it's OK ... but I'm wondering if I can only limit invoking "/bin/ls" from ONLY my "ls.php". So, other PHP still can't call exec() to invoke "/bin/ls". Is this possible in targeted policy ? Thanks KC -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
