[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: FYI My guide to writing SELinux policy.

From: Paul Howarth <paul city-fan org>
To: fedora-devel-list redhat com
Subject: Re: FYI My guide to writing SELinux policy.
Date: Tue, 21 Aug 2007 21:20:04 +0100

On Tue, 21 Aug 2007 13:58:34 -0500
"Arthur Pemberton" <pemboa gmail com> wrote:

> On 8/21/07, Daniel J Walsh <dwalsh redhat com> wrote:
> > http://www.redhatmagazine.com/2007/08/21/a-step-by-step-guide-to-building-a-new-selinux-policy-module/
> 
> I have an SELinux question about granting access of two targeted
> daemons to the same set of data. What is the best medium to get advice
> on this?

Sounds like you want something like public_content_t and/or
public_content_rw_t. Most server daemons can read data of these
types; the ability to write to public_content_rw_t is determined by the
state of the *_anon_write booleans.

As Rahul said, fedora-selinux-list is the best place for further
discussion.

Paul.

References:
- FYI My guide to writing SELinux policy.
  - From: Daniel J Walsh
- Re: FYI My guide to writing SELinux policy.
  - From: Arthur Pemberton

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]