/sbin/restorecon and hard links
Stephen Smalley
sds at tycho.nsa.gov
Wed Feb 15 14:44:53 UTC 2006
On Wed, 2006-02-15 at 09:33 -0500, Chuck Anderson wrote:
> On Wed, Feb 15, 2006 at 09:01:32AM -0500, Stephen Smalley wrote:
> > Yes, running restorecon on /home by root considered harmful,
>
> What is a safe way to run restorecon on /home? Should I su to each
> user and do their home directory separately from all others?
The real question is why do you need to do it? If the labels are set up
properly on installation and when the user's account is first created,
then you shouldn't need to do it subsequently, and the user can run
restorecon themselves on their own home directory if they encounter
issues. su has its own issues irrespective of SELinux; never su to an
untrusted account.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list