how does rpm work under Selinux
sds at tycho.nsa.gov
Wed Jun 1 11:31:10 UTC 2005
On Wed, 2005-06-01 at 00:53 +0100, Mike Hearn wrote:
> On Tue, 31 May 2005 15:11:30 -0400, Stephen Smalley wrote:
> > rpm has been modified to set the security context on newly installed
> > files in accordance with the policy (based on the file_contexts
> > configuration).
> I thought RPMs could contain their own file contexts for each contained
> file, rather than relying on external regular expressions. Is this not the
> case? Was it ever the case? :)
That was the original approach during FC2 development, but was later
dropped. With multiple policies (strict, targeted, mls, ...), including
potential customization by end users, it became problematic.
National Security Agency
More information about the fedora-selinux-list