[redhat-lspp] /home at SystemHigh
Russell Coker
rcoker at redhat.com
Thu Feb 23 23:28:58 UTC 2006
On Thu, 2006-02-23 at 15:16 -0500, Linda Knippers wrote:
> /home at SystemHigh also makes useradd not work. If the admin
> is running at SystemHigh, its possible to create the home directory
> but not update the passwd/shadow files. If the admin is running
> at SystemLow, then its possible to update the passwd/shadow files
> but not create the home directory.
>
> Does /home need to be SystemHigh?
I think that SystemLow-SystemHigh is the correct label for /home.
Of course you could have /secrethome labeled at Secret-SystemHigh or
similar things, but given that /etc/passwd is world readable I can't
imagine any real benefit in doing such things.
More information about the redhat-lspp
mailing list