httpd newbie / access denied, no permission to ~userid
Tim
ignored_mailbox at yahoo.com.au
Tue Aug 16 13:39:15 UTC 2005
Tim:
>> Really, how difficult would it have been for WORLD READABLE file
>> permissions to be treated as such by SELinux?
Rahul Sundaram wrote:
> "world readable" is a DAC based permission model. SELinux is MAC based.
> see Fedora SELinux FAQ on this. The whole point of SELinux is to
> restrict operations based on the process above and top of the classic
> Linux permissions
Be that as it may, it's counterintuitive: Why should we have to set
permissions in two different ways? If we set something as world
readable, let the system actually apply that setting (it should also set
appropriate SELinux restrictions for you).
Owner permissions are one thing. But setting something as world
readable ought to be treated just as you intended.
--
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list
mailing list