Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Bug 129584: restrictions on user_t: msg#00062
|
Subject: |
Bug 129584: restrictions on user_t |
Bug link: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129584
> Additional Comment #9 From Daniel Walsh (dwalsh@xxxxxxxxxx) on
> 2004-09-15 15:55
> Yes there are a lot of files that user can not access. Mainly any
> file that has a security context associated with it and doesn't have
> the attribute usercanread.
> Again I want to bring this conversation to the public list and come to
> concensus. We can add usercanread to these files, but the question
> than is should a user be able to read all files even if they are world
> readable.
I don't see why not. If you think the user should not be able
to read those files, then why aren't their permissions flags
set accordingly? If a file was intended to be readable only
by a certain application or only by root then it could have had
the proper user/group/rwx flags set - this restriction could
have been imposed without SELinux. If it is marked
user readable then it seems to me that any user should
be able to read it (or at least that there are no
security reasons to deny it). So why
does SElinux impose restrictions on user_t
that contradict this explicit setting?
--
Ivan Gyurdiev <ivg2@xxxxxxxxxxx>
Cornell University
|
| |
