Running two named processes in selinux
Paul Howarth
paul at city-fan.org
Fri Jun 30 19:49:44 UTC 2006
On Fri, 2006-06-30 at 12:48 -0400, Faisal Ali wrote:
> Is it possible to run two named process in selinux each having
> different file permissions. Instead of using DNS Views Iam thinking
> about running two named processes, one for external and one for
> internal. Ofcourse external named process will have access to
> different set of files versus internal named process.
>
> Can this be done.
Are you thinking of this with a view to running the two named processes
in different SELinux domains so that they cannot read/write each others'
files? That's do-able, but will need a custom policy for one of the
daemons.
Or, are you asking whether simply running two different named processes
is possible with the default SELinux policy, with both running in the
same domain? That would be simpler, but still not as simple as using
views (why don't you want use views, since internal/external is just the
sort of application views were designed for?)?
Paul.
More information about the fedora-selinux-list
mailing list