SELinux should be off by default in FC3
Stephen Smalley
sds at epoch.ncsc.mil
Thu Oct 7 14:16:06 UTC 2004
On Thu, 2004-10-07 at 09:52, Jeff Spaleta wrote:
> Education about needing to be aware of the contexts now is one issue,
> but we are going to definitely need to expose the security context
> information in the tools most people use to check file properties if
> we want it to be easy to deal with. I know ls in rawhide exposes the
> contexts via -Z but I haven't poked around with nautilus to see if
> security context information is exposed there. And of course having
> nautilus be able to run the restorecon via a right click menu entry on
> a directory or file is going to be needed for smooth operation for a
> segment of the userbase.
Good ideas, please submit an RFE. AFAIK, nautilus doesn't know about
security contexts at all.
> And are there any tools aimed at helping users figure out what file
> security context settings are needed for specific service/daemons?
Ideally, they only need to run restorecon on the path, and restorecon
will fetch the proper security context from the file_contexts
configuration and apply it.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the devel
mailing list