[policy-sources-1.8-10] tmpwatch ACLs.
Russell Coker
russell at coker.com.au
Sun Mar 14 13:59:40 UTC 2004
On Sun, 14 Mar 2004 17:36, Aleksey Nogin <aleksey at nogin.org> wrote:
> > Allowing an
> > unlink of file_t files is probably OK, I'll add that to my tree.
>
> Would it be a better idea to change how file_contexts marks files in
> /tmp and see whether that is sufficient?
Not all existing files in /tmp will be labeled by setfiles. The problem is
that you have multiple users who may put files in /tmp, and determining which
user is responsible for a particular file is inconvenient. I guess we could
have a program that looks at the UID of a file and then assigns it a type
based on the role(s) that are permitted for the user who's name matches the
UID. But this is ugly, and I expect that we will find cases of SETUID/SETGID
programs creating files in /tmp that will cause problems with this if we try
implementing it.
This is why we are looking at removing files from /tmp as part of a file
system label.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list