denying group of users from r/w/x files
Chuck Anderson
cra at WPI.EDU
Tue Feb 10 13:34:56 UTC 2009
On Mon, Feb 09, 2009 at 10:59:53PM -0600, Ali Hamad wrote:
> a) create a rule for file that can not be accessed from known group
> of users. i.e group A can not read/write/execute this file. However,
> the file permission is 666 and that file permission can not be changed.
> b) directory that has permission of 777. However, group A of users
> can not write/read/execute it.
>
> Any suggestion is highly appreciated.
How about using POSIX ACLs instead of SELinux? Check out the getfacl
and setfacl commands.
More information about the fedora-selinux-list
mailing list