On Thu, 2008-01-24 at 10:48 -0800, Steve G wrote: > > I would like to propose that we add one or more avc's to deal with > > opening a file. open or open_read open_write. > > > There are situations where apps should only do an open_append to make sure they don't erase anything. syslog, auditd, apache are a few apps that come to mind. > > -Steve > As far as I'm aware, SELinux, and this requested addition, doesn't govern _how_ you write, just whether you _can_ write. _______________________________ Brett Lentz | CarDomain Network System Administrator blentz@xxxxxxxxxxxxx | tel 206.926.2109 | cell 206.851.6669 http://www.cardomain.com/id/wakko666 "A University without students is like an ointment without a fly." -- Ed Nather, professor of astronomy at UT Austin -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
