Policy for denyhosts
Daniel J Walsh
dwalsh at redhat.com
Wed Nov 29 18:32:47 UTC 2006
Jason L Tibbitts III wrote:
>>>>>> "JC" == Jeff Carlson <jeff at ultimateevil.org> writes:
>>>>>>
>
> JC> Well, my SSH gateway is still running FC-4, targeted policy.
>
> Very little chance that this policy would make it into FC4. Probably
> FC7 only, honestly.
>
> - J<
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
A better solution from the SELinux point of view is to add a new
directory. and /etc/denyhosts/ and put your configuration files there.
Then the script can read and write that directory. Putting modifiable
files in /etc is a bad idea from an SELinux point of view.
More information about the fedora-selinux-list
mailing list