Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: I would like to propose some kind of consolidation of tmpfs_t and tmp_t
From: Stephen Smalley <sds_at_tycho.nsa.gov>
Date: Thu, 24 Mar 2005 12:30:58 -0500
Possible workaround - mount with fscontext=, then run restorecon /tmp (not recursively, just on the top-level directory) from rc.sysinit. That would get us tmp_t on the superblock and tmp_t on the root directory. Then you just need a few policy modifications like allow tmpfile_t tmp_t:filesystem associate;, and you still can perform [gs]etfilecon and setfscreatecon on the filesystem. -- Stephen Smalley <sds@tycho.nsa.gov> National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Thu 24 Mar 2005 - 12:39:03 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |