From: dwalsh@redhat.com (Daniel J Walsh)
Date: Mon, 31 Aug 2009 08:56:12 -0400
Subject: [refpolicy] apps_webalizer.patch
In-Reply-To: <20090831112930.GC11471@notebook3.grift.internal>
References: <4A983B60.2030205@redhat.com>
	<20090831112930.GC11471@notebook3.grift.internal>
Message-ID: <4A9BC86C.9010603@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 08/31/2009 07:29 AM, Dominick Grift wrote:
> On Fri, Aug 28, 2009 at 04:17:36PM -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_webalizer.patch
>>
>> Webalizer does not list inotify, this was caused by leaked file descriptors in either dbus or cron.  Both of which have been cleaned up.
> 
> how about we also add a miscfiles_read_public_files(webalizer_t)
> 
> Some people want to label their webroot public_content_t (for rsync and other sharing), however if they do that then webalizer can no longer access the web content.
> 
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
Sounds good to me.