From: russell@coker.com.au (Russell Coker)
Date: Thu, 14 Sep 2017 13:07:11 +1000
Subject: [refpolicy] [PATCH 2/2] apache: update
In-Reply-To: <d18c80d0-d288-fc5f-d45b-2925b0849636@ieee.org>
References: <20170910151158.5859-1-cgzones@googlemail.com>
	<CAJ2a_DcqZ6zUF8BnA+Zfeuf1uWuUQB8zJzn74-9_WD3PSAm1YA@mail.gmail.com>
	<d18c80d0-d288-fc5f-d45b-2925b0849636@ieee.org>
Message-ID: <2826874.zb9Cjn7mqj@xev>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wednesday, 13 September 2017 6:45:56 PM AEST Chris PeBenito wrote:
> On 09/13/2017 04:09 AM, Christian G?ttsche wrote:
> > Or should I create a boolean for the log manage permissions?
> 
> No.  If we find that under certain situations the manage permissions are 
> needed, we can reconsider then.

I agree.  Having lots of booleans is annoying, confusing, and not good for 
security in practice.

When something like this is up for debate I think it's best to have a default 
policy of removing the access in question and waiting for more evidence of why 
it's needed.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/