awstats AVC denial
Daniel J Walsh
dwalsh at redhat.com
Tue Feb 10 16:02:15 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Vadym Chepkov wrote:
> Yes,
>
> RHEL5
>
> Sincerely yours,
> Vadym Chepkov
>
>
> --- On Tue, 2/10/09, Daniel J Walsh <dwalsh at redhat.com> wrote:
>
>> From: Daniel J Walsh <dwalsh at redhat.com>
>> Subject: Re: awstats AVC denial
>> To: "Dominick Grift" <domg472 at gmail.com>
>> Cc: "Vadym Chepkov" <chepkov at yahoo.com>, "Fedora SELinux" <fedora-selinux-list at redhat.com>
>> Date: Tuesday, February 10, 2009, 9:38 AM
> Dominick Grift wrote:
>>>> On Sat, 2009-02-07 at 08:33 -0800, Vadym Chepkov
> wrote:
>>>>> LOL,
>>>>> In RedHat I can't read those files at all, but
> in Fedora it's granted twice:
>>>> I think it is a bug in policy. the "sys"
> domain should have access to
>>>> "sys" files.
>>>>
>>>> But if you can fix it using httpd_sys_script_ro_t then
> thats also fine i
>>>> guess.
>>>>
>>>>> Sincerely yours,
>>>>> Vadym Chepkov
>>>>>
>>>>>
>>>> --
>>>> fedora-selinux-list mailing list
>>>> fedora-selinux-list at redhat.com
>>>>
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
> httpd_sys_script_ro_t == httpd_sys_content_t in F10 and
> beyond.
>
> Are you hitting this in RHEL5?
Ok, I will add this to U4 policy.
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmRpQYACgkQrlYvE4MpobND/wCg1sWlIngXzv4zQEhRWN8mb4dr
oKwAnRc3iFie67TAcyNCLofzOW/e4zI2
=YWgZ
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list