AppArmor for Fedora
Todd Zullinger
tmz at pobox.com
Mon Aug 27 23:26:19 UTC 2007
Marc Wilson wrote:
> On Mon, Aug 27, 2007 at 05:09:42PM -0500, Les Mikesell wrote:
>> Wouldn't the SELinux approach protect only the old copy?
>
> Correct. For fun, edit /etc/fstab with vim, save it, then reboot.
> Watch the errors fly.
>
> Of course, a quick restorecon(8) fixes it. :)
Perhaps that happened in an older version of vim? Using F7 I have no
problem editing /etc/fstab in vim. The context, before and after, is:
# ll -Z /etc/fstab
-rw-r--r-- root root system_u:object_r:etc_t /etc/fstab
I'm not sure if it's vim that maintains the context or if restorecond
resets them -- there's no log messages saying it has. But the result
is the same either way, the context is maintained without my help.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Well at first I was skeptical but then I thought I could be like
Hillary Clinton, just without the penis.
-- Lois Griffin, The Family Guy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20070827/2c5947c0/attachment-0001.sig>
More information about the fedora-list
mailing list