[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New type cert_t?

To: SELinux <selinux@xxxxxxxxxxxxx>
Subject: New type cert_t?
From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
Date: Wed, 05 Jan 2005 10:18:07 -0500
In-reply-to: <41DBE9F1.50303@xxxxxxxxxx>
References: <20050104230149.GA10317@xxxxxxxxxxxxxxxxxxxxx> <20050104233401.GA11885@xxxxxxxxxxxxxxxxxxxxx> <41DBE9F1.50303@xxxxxxxxxx>
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.9 (X11/20041127)

Sorry hit reply instead of new.

I would like to add a new file type cert_t for ssl cert files, sincethese are defaulted to usr_t right now.
Shouldn't these be protected at a higher level?

#
# cert_t is the type of files in the system certs directories.
#
type cert_t, file_type, sysadmfile;

...

/usr/share/ssl/certs(/.*)?              system_u:object_r:cert_t


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail tomajordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.




--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

References:
- [patch] screen_macros.te
  - From: Greg Norris
- Re: [patch] screen_macros.te
  - From: Greg Norris
- Re: [patch] screen_macros.te
  - From: Daniel J Walsh

Prev by Date: Re: [patch] screen_macros.te
Next by Date: Re: policy
Previous by thread: Re: [patch] screen_macros.te
Next by thread: Re: [patch] screen_macros.te
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.