On Thursday, March 8, 2018 2:14:53 PM AKST Thomas Cameron wrote: > On 03/08/2018 05:04 PM, m.roth@xxxxxxxxx wrote: > > I think it gets system if you copy it without copying the selinux > > label.... > > Pretty sure it inherits from the parent directory if you copy, doesn't it? So you want a PGP/GPG signature thingy? Now we need a mental health check, because the date, time, subject, and intended recipient(s) are not part of what is actually signed. [/sarcasm] So if you *copy* (cp) a file, it usually inherits "context" from the destination parent directory. On the other hand if you *move* (mv) a file, it tends to retain its original security context. I have also had trouble copying a symlinked file when a deep copy of the data was made, but the basic permissions of the new file were set to 0777, that of the symlink, not the original file pointed to. These things are not always working the way they are supposed to, and the rules are not always consistent.
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
