[newbie] SELinux and the /srv directory
Daniel J Walsh
dwalsh at redhat.com
Wed Aug 17 01:36:28 UTC 2005
Razvan Sandu wrote:
> Hello,
>
>
> Thanks to all of you for your responses about /srv !
>
> Just one more detail, to be precise:
> I don't want those files to be read/written by *anyone* (i.e.
> anonymously), but just one predefined
> group of users (/srv/project has sgid to that group, etc.).
>
> Should I still use the booleans you've mentioned ?
>
> Is there a piece of doc that contains a complete list of those SELinux
> booleans, with detalied explanations about each one, in order to do
> various such customizations ?
>
No, not yet. They are somewhat explained in ftpd_selinux.8. Having
only one group access them is a DAC requirement. MAC will protect the
files from other processes.
>
> Thanks again,
> Razvan
> --
> Dipl. Eng. Razvan SANDU <rsandu @ softhome.net>
> Bucharest, Romania
>
>
>
--
More information about the fedora-list
mailing list