-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/29/2011 03:07 PM, Mr Dash Four wrote: > >>> ## <desc> >>> ## <p> >>> ## Allow bittorrent servers to modify >>> ## public files used for public file >>> ## transfer services. Directories/Files >>> ## must be labeled public_content_rw_t. >>> ## </p> >>> ## </desc> >>> gen_tunable(allow_httpd_anon_write, false) >>> >> >> whoops copy and paste error ;) make that allow_bittorrentd_anon_write. >> >> >>> tunable_policy(`allow_bittorrent_anon_write',` >>> miscfiles_manage_public_files(bittorrentd_t) >>> ') >>> >> >> make that allow_bittorrentd_anon_write. >> > What files are these? As far as I know the only files transmissionbt > writes are (using the default configuration) under /var/lib/transmission > - that also includes temporary files created for it to operate. Could > you give me an example please? > Yes but this policy allows you to share bittorrent content with other services if so required. you would label /var/lib/transmission type public_content_rw_t and set allow_bittorrent_anon_write to allow bittorrentd_t to manage dirs and files there that can be shared with other services. For example samba, nfs etc etc. It is tunable. So by default this functionality is disabled. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk26u0IACgkQMlxVo39jgT/UXACfdwGASrOOo0ZfkfCVDPYYhy0t XTQAoL6oTUA57UYC0+FPRQycYMDGS19H =Rp45 -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
