more fine grained access in /etc

Torbjørn Lindahl torbjorn.lindahl at gmail.com
Thu Sep 13 13:16:46 UTC 2007


Hello, I am writing an application that I want to limit using SELinux.

audit.log shows that it wants access to /etc/nsswitch.conf and /etc/hosts,
which doesn't seem too unreasonable. However, both of these have type etc_t,
and allowing myapp_t to read etc_t would also give it access to, for example,
/etc/passwd, which I do not want.


Do I have to invent a new type for these two files to be able to keep my
application from the other etc_t files in /etc?



-- 
mvh
Torbjørn Lindahl
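
The granularity problem described in the message, as an added example that is not part of the original post: it parses two constructed AVC denials and shows that the one type-level allow rule covering them also covers every other file labelled etc_t. The log lines, the label map and all function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed AVC denials in audit.log format (not taken from the original post).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1189689400.101:41): avc:  denied  { read } for  pid=2101 comm="myapp" name="nsswitch.conf" dev=dm-0 ino=1201 scontext=user_u:system_r:myapp_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1189689400.105:42): avc:  denied  { read } for  pid=2101 comm="myapp" name="hosts" dev=dm-0 ino=1202 scontext=user_u:system_r:myapp_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
"""

# Constructed label map, following the post's statement that these files are etc_t.
SAMPLE_LABELS = {
    "/etc/nsswitch.conf": "etc_t",
    "/etc/hosts": "etc_t",
    "/etc/passwd": "etc_t",
    "/etc/shadow": "shadow_t",
}

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{ (?P<perms>[^}]+) \} for .*?name="(?P<name>[^"]+)".*?'
    r'scontext=[^:]+:[^:]+:(?P<stype>[^:\s]+)\S*\s+'
    r'tcontext=[^:]+:[^:]+:(?P<ttype>[^:\s]+)\S*\s+tclass=(?P<tclass>\w+)'
)

def rules_from_denials(log_text):
    """Group denials by (source type, target type, class); keep the file names seen."""
    grouped = defaultdict(lambda: {"perms": set(), "names": set()})
    for m in AVC_RE.finditer(log_text):
        key = (m["stype"], m["ttype"], m["tclass"])
        grouped[key]["perms"].update(m["perms"].split())
        grouped[key]["names"].add(m["name"])
    return dict(grouped)

def render_rule(key, perms):
    stype, ttype, tclass = key
    return "allow %s %s:%s { %s };" % (stype, ttype, tclass, " ".join(sorted(perms)))

def collateral_access(rules, labels):
    """Paths a rule would also cover although no denial named them (basename match)."""
    extra = {}
    for key, info in rules.items():
        extra[render_rule(key, info["perms"])] = sorted(
            path for path, ftype in labels.items()
            if ftype == key[1] and path.rsplit("/", 1)[-1] not in info["names"]
        )
    return extra

if __name__ == "__main__":
    for rule, paths in collateral_access(rules_from_denials(SAMPLE_AUDIT_LOG), SAMPLE_LABELS).items():
        print(rule, "-> also readable:", paths)
```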


More information about the fedora-selinux-list mailing list