Moving /etc/fonts/ to fonts_t?
Daniel J Walsh
dwalsh at redhat.com
Fri Mar 6 14:08:00 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel J Walsh wrote:
> Jan Kasprzak wrote:
>> In my Fedora 10 system, all fonts under /usr/share/fonts
>> are of the fonts_t type, while the fontconfig files under /etc/fonts
>> are of the default etc_t type. I think it would make sense to move
>> the whole /etc/fonts directory under the fonts_t type, so that user
>> can easily say "this domain can use fonts" and be done without allowing
>> the domain to read the whole /etc directory and files.
>
>> What do you think about it? Does it make sense to modify the default
>> Fedora policy according to these lines?
>
>> -Yenya
>
> yes. If there are fonts in /etc/fonts it should be labeled fonts_t
if they are not fonts though lots of domains can write to fonts_t
- --
fedora-selinux-list mailing list
fedora-selinux-list at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmxLkAACgkQrlYvE4MpobN9rQCbBq51YaslKt7yHf5ZACOXv8Yk
iBYAnRTuU4dIgEHD15t4BgVxDOWv6aQ6
=xcLX
-----END PGP SIGNATURE-----
More information about the fedora-selinux-list
mailing list