[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

more fine grained access in /etc

From: "Torbjørn Lindahl" <torbjorn lindahl gmail com>
To: fedora-selinux-list redhat com
Subject: more fine grained access in /etc
Date: Thu, 13 Sep 2007 15:16:46 +0200

Hello, I am writing an application that I want to limit using selinux.

audit.log shows that it wants access to /etc/nsswitch.conf and /etc/hosts - which doesn't seem to unreasonable, however both these have types etc_t , and allowing myapp_t to read etc_t would also give it access to for example /etc/passwd, which i do not want.

Do I have to invent a new type for these two files to be able to keep my application from the other etc_t files in /etc ?

--
mvh
Torbjørn Lindahl

Follow-Ups:
- Re: more fine grained access in /etc
  - From: Daniel J Walsh

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]