From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 26 Apr 2010 15:20:47 -0400
Subject: [refpolicy] services_ftp.patch
In-Reply-To: <4B8452B1.5090503@redhat.com>
References: <4B8452B1.5090503@redhat.com>
Message-ID: <1272309647.32279.232.camel@gorn>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 2010-02-23 at 17:12 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_ftp.patch
> 
> Better handling of proftpd

Why does ftpd_t need sys_admin?

The change for ftp_home_dir is not acceptable.  Enabling that tunable
shouldn't allow access to all files.

Why does ftp need to connect to a db?

> Added handling of sftpd from sshd

Otherwise merged.

-- 
Chris PeBenito
Tresys Technology, LLC