Author: csellers
Update of /cvs/docs/selinux-faq/en_US In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26901
Modified Files: selinux-faq.xml Log Message: rephrased php FAQ entry to address bz#139744
Index: selinux-faq.xml =================================================================== RCS file: /cvs/docs/selinux-faq/en_US/selinux-faq.xml,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- selinux-faq.xml 19 Apr 2006 18:36:49 -0000 1.10 +++ selinux-faq.xml 20 Apr 2006 20:16:03 -0000 1.11 @@ -2406,8 +2406,8 @@ <qandaentry> <question> <para> - I am writing an php script that needs to create temporary files in - <filename>/tmp</filename> and possibly execute them, SELinux + I am writing a php script that needs to create files + and possibly execute them. SELinux policy is preventing this. What should I do? </para> </question> @@ -2419,7 +2419,7 @@ is something we want to prevent. </para> <para> - If you merely need to allow your script to create tempory + If you merely need to allow your script to create (non-executable) files, this is possible. That said, you should avoid having system applications writing to the <filename>/tmp</filename> directory, since users tend to use the @@ -2427,8 +2427,9 @@ create a directory elsewhere which could be owned by the apache process and allow your script to write to it. You should label the directory <computeroutput>httpd_sys_script_rw_t</computeroutput>, - which will allow apache to write the temporary files to that - directory. + which will allow apache to read and write files to that + directory. This directory could be located anywhere that apache + can get to (even <filename>$HOME/public_html/</filename>). </para> </answer> </qandaentry>
docs-commits@lists.fedoraproject.org