[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: squid policy

To: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
Subject: Re: squid policy
From: Russell Coker <russell@xxxxxxxxxxxx>
Date: Thu, 27 Oct 2005 21:21:59 +1000
Cc: SELinux Mail List <selinux@xxxxxxxxxxxxx>
In-reply-to: <1125686384.16388.66.camel@xxxxxxxxxxxxxxxxxxxxxxx>
References: <1125686384.16388.66.camel@xxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: russell@xxxxxxxxxxxx
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: KMail/1.8.92

On Saturday 03 September 2005 04:39, "Christopher J. PeBenito" 
<cpebenito@xxxxxxxxxx> wrote:
> While converting over the squid policy to a reference policy module, I
> noticed this:
>
> #squid requires the following when run in diskd mode, the recommended
> setting allow squid_t tmpfs_t:file { read write };
>
> I'm confused on how this can happen.  As far as I know, there shouldn't
> be no tmpfs_t files; everything should fall into a derived tmpfs domain,
> usually provided by tmpfs_domain().  Can someone clarify this?

It seems to work OK without it, remove it.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

References:
- squid policy
  - From: Christopher J. PeBenito

Prev by Date: Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak
Next by Date: Re: [PATCH] Sort file contexts
Previous by thread: squid policy
Next by thread: ntp policy
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.