selinux & external hd permissions.

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sat Jun 11 18:01:17 UTC 2005


On Sat, 11 Jun 2005 11:28:20 CDT, Justin Conover said:

> Question is, if that server is running SELinux on CentOS 4.0 and I
> back stuff up to that exteranl drive, will other box's be able to read
> that exteranl drive?  In the chance that hardware fails and I need to
> be able to look at that data on another box?

SELinux will enter into it very little.  Just make sure that the drive is using
a file system the other box has support for.  A bigger issue will be "does
the other box have support for your file system?".  Using reiserfs may be
a problem if the other box doesn't have it, and even ext3 will be.. interesting..
if the other box is a Windows box (in which case you're probably better off
just making the FS fat32 and mounting it on your SELinux box with fscontext=)

Please note that if the other box *writes* to the file system, you'll probably
need to run 'restorecon' on it when you mount it back on the SELinux-bsed box
before things will really work right, and you are the mercy of the other box'es
security while it's mounted there.

If you trust the other box to not leave a Trojan on the file system, the quick
answer is "go for it, and restorecon when it comes back".  If you don't trust
the other box, then it gets a lot more interesting....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20050611/762e8b28/attachment.bin 


More information about the selinux mailing list