how does rpm work under Selinux
Stephen Smalley
sds at tycho.nsa.gov
Wed Jun 1 11:31:10 UTC 2005
On Wed, 2005-06-01 at 00:53 +0100, Mike Hearn wrote:
> On Tue, 31 May 2005 15:11:30 -0400, Stephen Smalley wrote:
> > rpm has been modified to set the security context on newly installed
> > files in accordance with the policy (based on the file_contexts
> > configuration).
>
> I thought RPMs could contain their own file contexts for each contained
> file, rather than relying on external regular expressions. Is this not the
> case? Was it ever the case? :)
That was the original approach during FC2 development, but was later
dropped. With multiple policies (strict, targeted, mls, ...), including
potential customization by end users, it became problematic.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list