[selinux-policy: 800/3172] Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:14:10 UTC 2010
commit 3d37bca18fbb3f6bf80b6c3848ba5e113e21b04b
Author: Don Miner <dminer at tresys.com>
Date: Mon Oct 24 11:21:28 2005 +0000
Added an allow that permitted apache to read httpd_sys_content_t stuff so that it would start
refpolicy/policy/modules/services/apache.te | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/services/apache.te b/refpolicy/policy/modules/services/apache.te
index 144df9b..6f11289 100644
--- a/refpolicy/policy/modules/services/apache.te
+++ b/refpolicy/policy/modules/services/apache.te
@@ -177,6 +177,8 @@ allow httpd_t httpd_squirrelmail_t:dir create_dir_perms;
allow httpd_t httpd_squirrelmail_t:lnk_file create_lnk_perms;
allow httpd_t httpd_squirrelmail_t:file create_file_perms;
+allow httpd_t httpd_sys_content_t:dir r_dir_perms;
+
allow httpd_t httpd_tmp_t:dir create_dir_perms;
allow httpd_t httpd_tmp_t:file create_file_perms;
files_create_tmp_files(httpd_t, httpd_tmp_t, { file dir })
More information about the scm-commits
mailing list