Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: Horde Application Suite and SELinux...: msg#00155
|
Subject: |
Re: Horde Application Suite and SELinux... |
On Tue, 2005-02-22 at 14:14 -0700, Tom Lisjac wrote:
>Hi folks!
>
>I've just installed the php based Horde Application Suite
>(http://horde.org) on a Fedora Core 3. Everything is working great
>with the targeted policy and SELinux enabled except for a small
>problem with spell checking in the Imp webmail app.
>
>The spell checker passes the text to aspell using a temporary file in
>/tmp. The targeted policy prohibits "http scripts" from using the /tmp
>directory...
CGI scripts (running as httpd_sys_script_t) shouldn't be prevented from
using /tmp; this macro in macros/apache_macros.te allows it:
file_type_auto_trans(httpd_$1_script_t, tmp_t, httpd_$1_script_rw_t)
>so aspell runs but doesn't return any results. If I
>disable SELinux, it works fine... but since this server will be
>running in a hostile environment, I'd rather not. I could also add:
>
>allow httpd_sys_script_t httpd_tmp_t:file { getattr read };
Hmmm. httpd_tmp_t is the type of temporary files generated by the main
webserver, not by CGI scripts. Perhaps what's happening is you have
some PHP code which is using aspell and creating a temporary file in the
main httpd process, and then a CGI script wants to read that later?
Hard to say without knowing more details about how aspell works.
|
| |
