Daniel J Walsh wrote:
: -----BEGIN PGP SIGNED MESSAGE-----
: Hash: SHA1
:
: Daniel J Walsh wrote:
: > Jan Kasprzak wrote:
: >> In my Fedora 10 system, all fonts under /usr/share/fonts
: >> are of the fonts_t type, while the fontconfig files under /etc/fonts
: >> are of the default etc_t type. I think it would make sense to move
: >> the whole /etc/fonts directory under the fonts_t type, so that user
: >> can easily say "this domain can use fonts" and be done without allowing
: >> the domain to read the whole /etc directory and files.
: >
: > yes. If there are fonts in /etc/fonts it should be labeled fonts_t
: if they are not fonts though lots of domains can write to fonts_t
These are configuration files for fontconfig-based fonts
(used by GNOME/KDE, xetex, ...). Virtual fonts like "mono" or "serif"
are described here, etc. It probably makes sense that everybody who
can legally write /usr/share/fonts should also be able to write to /etc/fonts.
-Yenya
--
| Jan "Yenya" Kasprzak <kas at {fi.muni.cz - work | yenya.net - private}> |
| GPG: ID 1024/D3498839 Fingerprint 0D99A7FB206605D7 8B35FCDE05B18A5E |
| http://www.fi.muni.cz/~kas/ Journal: http://www.fi.muni.cz/~kas/blog/ |
>> If you find yourself arguing with Alan Cox, you’re _probably_ wrong. <<
>> --James Morris in "How and Why You Should Become a Kernel Hacker" <<
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
