On 02/17/2010 03:27 AM, ESGLinux wrote:
>
>
>
> ESG, Take a step back and explain to us what process is creating these
> files. What procesess are you
> trying to prevent from reading these files?
>
> any process that can create a file, touch, vim...
> Who is creating the files?
>
any user that can log in the system.
>
> If it is one process creating the files then you can add SELinux awareness
> to the tool and get the files created with the "correct" context.
>
Hope my answer explain a bit more the problem
Thanks
ESG
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux What is the secutity
separation on the files than. Can you give me an more definition of what these files
are.
Are you trying to allow a file to be created and depending on its name, it can be shared
by a confined service?
You have not explained what your security goal is.