From: nicky726@gmail.com (Nicky726)
Date: Sat, 25 Sep 2010 13:02:26 +0200
Subject: [refpolicy] Labeling of ~/.local, ~/.config, ... owned by gnome though not gnome specific (Daniel J Walsh)
In-Reply-To:
References:
Message-ID: <201009251302.26331.Nicky726@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Thu, 23 September 2010 19:00:01, Daniel J Walsh wrote:
> I think the real solution to this is to put this into the kernel. We
> need to define rules that say, if I create a directory within a
> directory labeled user_home_dir_t named .config, the kernel should
> create it labeled config_home_t.
>
> Any other solution including restorecond is going to be prone to failure.
>
> Similarly we could say if an app creates resolv.conf within etc_t it
> needs to be labeled net_conf_t

Yes, that sounds even better.

Ondrej Vadinsky

--
Don't it always seem to go
That you don't know what you've got
Till it's gone
(Joni Mitchell)