-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/08/2013 11:17 AM, m.roth@xxxxxxxxx wrote: > We've got a server that, among other web things, is serving SVN. For one > function, we have a cgi scipt that using sudo - my manager tells me it was > the simplest way of dealing with certain complexities. > > Is there a way to create a local policy that would apply to that script > *only*, not to everything apache's serving? > > CentOS 6.4 > > mark > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > Yes you could simply write a policy for that script. Use sepolgen and create a cgi policy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJ9LJcACgkQrlYvE4MpobPHBACg2UeiWIAKKaaLYhVY6nLR14n/ yswAoLaP6aiFlNTGEN2MP5eTPoE6oa2G =7neG -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
