> selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
What is the secutity separation on the files than. Can you give me an more
definition of what these files are.
Are you trying to allow a file to be created and depending on its name, it
can be shared by a confined service?
You have not explained what your security goal is.
i´ll try to explain.
I have a big directory with thousands of files. All of this files match a
pattern in the file name (files that don´t match don´t mind). What I want is
that when a new file is created, the users or groups that can access the
file are already fixed (is like putting g+s to a directory and all the files
created have the directory group)
What I want, is to simulate this:
http://en.wikipedia.org/wiki/Resource_Access_Control_Facility
Look at this: "In addition to being one of the most mature and scalable
security monitors in computing, it has some interesting features that are
not often found in Microsoft
Windows<http://en.wikipedia.org/wiki/Microsoft_Windows>
or Unix <
http://en.wikipedia.org/wiki/Unix> environments. It can, for
example, set permissions for file patterns — that is, set the permissions
even for files that do not yet exist"
is this possible to simulate with SELinux or am I totally wrong?
I hope now it will clearer
Greetings and thaks for your answers
ESG