[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-selinux-list
Subject: Re: how to set permissions to files with a patern in the file hame
From: ESGLinux <esggrupos () gmail ! com>
Date: 2010-02-18 9:51:34
Message-ID: 3128ba141002180151m5ef96df8x6cb5e0c67adaa55b () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
>
>
> > selinux@lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
> What is the secutity separation on the files than. Can you give me an mo=
re
> definition of what these files are.
>
> Are you trying to allow a file to be created and depending on its name, i=
t
> can be shared by a confined service?
>
> You have not explained what your security goal is.
>
i=B4ll try to explain.
I have a big directory with thousands of files. All of this files match a
pattern in the file name (files that don=B4t match don=B4t mind). What I wa=
nt is
that when a new file is created, the users or groups that can access the
file are already fixed (is like putting g+s to a directory and all the file=
s
created have the directory group)
What I want, is to simulate this:
http://en.wikipedia.org/wiki/Resource_Access_Control_Facility
Look at this: "In addition to being one of the most mature and scalable
security monitors in computing, it has some interesting features that are
not often found in Microsoft
Windows<http://en.wikipedia.org/wiki/Microsoft_Windows>
or Unix <http://en.wikipedia.org/wiki/Unix> environments. It can, for
example, set permissions for file patterns =97 that is, set the permissions
even for files that do not yet exist"
is this possible to simulate with SELinux or am I totally wrong?
I hope now it will clearer
Greetings and thaks for your answers
ESG
[Attachment #5 (text/html)]
<div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im"><br> > <a \
href="mailto:selinux@lists.fedoraproject.org">selinux@lists.fedoraproject.org</a><br> \
> <a href="https://admin.fedoraproject.org/mailman/listinfo/selinux" \
target="_blank">https://admin.fedoraproject.org/mailman/listinfo/selinux</a><br> \
</div>What is the secutity separation on the files than. Can you give me an more \
definition of what these files are.<br> <br>
Are you trying to allow a file to be created and depending on its name, it can be \
shared by a confined service?<br> <br>
You have not explained what your security goal \
is.<br></blockquote><div><br></div><div>iīll try to \
explain.</div><div><br></div><div>I have a big directory with thousands of files. All \
of this files match a pattern in the file name (files that donīt match donīt mind). \
What I want is that when a new file is created, the users or groups that can access \
the file are already fixed (is like putting g+s to a directory and all the files \
created have the directory group)</div> <div><br></div><div>What I want, is to \
simulate this: <a href="http://en.wikipedia.org/wiki/Resource_Access_Control_Facility" \
>http://en.wikipedia.org/wiki/Resource_Access_Control_Facility</a></div><div><br></div><div>Look \
> at this: "<span class="Apple-style-span" style="font-family: sans-serif; \
> font-size: 13px; line-height: 19px; ">In addition to being one of the most mature \
> and scalable security monitors in computing, it has some interesting features that \
> are not often found in <a href="http://en.wikipedia.org/wiki/Microsoft_Windows" \
> title="Microsoft Windows" style="text-decoration: none; color: rgb(0, 43, 184); \
> background-image: none; background-attachment: initial; background-origin: initial; \
> background-clip: initial; background-color: initial; background-position: initial \
> initial; background-repeat: initial initial; ">Microsoft Windows</a> or <a \
> href="http://en.wikipedia.org/wiki/Unix" title="Unix" style="text-decoration: none; \
> color: rgb(0, 43, 184); background-image: none; background-attachment: initial; \
> background-origin: initial; background-clip: initial; background-color: initial; \
> background-position: initial initial; background-repeat: initial initial; \
> ">Unix</a> environments. It can, for example, set permissions for file patterns \
> that is, set the permissions even for files that do not yet exist<span \
> class="Apple-style-span" style="font-family: arial; line-height: normal; font-size: \
> small; ">"</span></span></div>
<div><span class="Apple-style-span" style="font-family: sans-serif; font-size: 13px; \
line-height: 19px; "><span class="Apple-style-span" style="font-family: arial; \
line-height: normal; font-size: small; "><br></span></span></div> <div>is this \
possible to simulate with SELinux or am I totally wrong?</div><div><br></div><div>I \
hope now it will clearer</div><div><br></div><div>Greetings and thaks for your \
answers</div><div><br></div><div>ESG</div><div> <br></div><div><br></div></div><br>
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic