AWStats Update-now link has permissions issues
Dominick Grift
dominick.grift at gmail.com
Wed Oct 31 12:21:35 UTC 2012
On Tue, 2012-10-30 at 16:14 -0600, Dmitry Makovey wrote:
> On October 30, 2012 20:45:37 Dominick Grift wrote:
> > On Tue, 2012-10-30 at 13:30 -0600, Dmitry Makovey wrote:
> >
> >
> > > allow awstats_t httpd_log_t:file write;
> > >
> > > module into the setup. However given that we're dealing with "Standard
> > > function" of AWStats it would be nice to wrap it in conditional and throw
> > > in base policy.
> > >
> > > Which really raises a question: should base policies (and modules) cover
> > > all aspects of "normal"/"legitimate" functionality of applications
> > > "out-of-the- box" or shall we expect it to cover only a subset? Is it
> > > SELinux's group role to suggest "insecure" practices that will not be
> > > covered by policies and probably should be discouraged irregardless of
> > > SELinux state (on or off)?
> >
> > In my view ideally it should be transparent but in practice SELinux is
> > also used to block "functionality" sometimes
> >
> > A boolean for the above should be fine in my view
>
> should I drop request in RH bugzilla?
If you want that feature to be available to the public then sure. It
can't hurt to ask for a feature
> --
> Dmitry Makovey
> Web Systems Administrator
> Athabasca University
> (780) 675-6245
> ---
> Confidence is what you have before you understand the problem
> Woody Allen
>
> When in trouble when in doubt run in circles scream and shout
> http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330
>
>
More information about the selinux
mailing list