Polyinstantiation that allows group access
Forrest Taylor
ftaylor at redhat.com
Tue Feb 26 22:23:41 UTC 2008
Is there any way to allow polyinstantiation to give the same view to a
number of users? For example, I want to give users in the adm group
access to the same shared /tmp (really /tmp-adm) directory, users in the
wheel group access to a different shared /tmp (really /tmp-wheel), and
all other users access to their own individual /tmp. Is this possible?
Of course, the more I think about this, the more I see reasons not to do
it such as conflicts--what if a user were in the adm and wheel groups?
For a single group, I can see excluding them from the polyinstantiated
directory entirely, but with several groups I cannot think of a way to
safely do this. Thoughts?
Thanks,
Forrest
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20080226/30bdcb85/attachment.bin
More information about the selinux
mailing list