rpms/mod_fcgid
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Update SELinux policy to support file transition to httpd_tmp_t for

Browse Source 
temporary files
This commit is contained in:
Paul Howarth 2008-01-03 18:17:11 +00:00
parent bfb6f5c72f
commit 407b04f705
3 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
fastcgi-2.5.te
View File

@ -1,4 +1,4 @@
policy_module(fastcgi, 0.2.0) policy_module(fastcgi, 0.2.1)
type httpd_fastcgi_sock_t; type httpd_fastcgi_sock_t;
files_type(httpd_fastcgi_sock_t) files_type(httpd_fastcgi_sock_t)
@ -10,6 +10,7 @@ require {
type httpd_log_t; type httpd_log_t;
type httpd_sys_script_exec_t; type httpd_sys_script_exec_t;
type httpd_sys_content_t; type httpd_sys_content_t;
type httpd_tmp_t;
}; };
# ========================================================== # ==========================================================
@ -79,6 +80,11 @@ dontaudit httpd_fastcgi_script_t httpd_config_t:dir search;
fs_search_auto_mountpoints(httpd_fastcgi_script_t) fs_search_auto_mountpoints(httpd_fastcgi_script_t)
# PHP uploads a file to /tmp and then execs programs to action them
manage_dirs_pattern(httpd_fastcgi_script_t,httpd_tmp_t,httpd_tmp_t)
manage_files_pattern(httpd_fastcgi_script_t,httpd_tmp_t,httpd_tmp_t)
files_tmp_filetrans(httpd_fastcgi_script_t,httpd_fastcgi_script_rw_t,{ dir file lnk_file sock_file fifo_file })
files_search_var_lib(httpd_fastcgi_script_t) files_search_var_lib(httpd_fastcgi_script_t)
files_search_spool(httpd_fastcgi_script_t) files_search_spool(httpd_fastcgi_script_t)

8
fastcgi.te
View File

@ -1,4 +1,4 @@
policy_module(fastcgi, 0.1.7) policy_module(fastcgi, 0.1.8)
type httpd_fastcgi_sock_t; type httpd_fastcgi_sock_t;
files_type(httpd_fastcgi_sock_t) files_type(httpd_fastcgi_sock_t)
@ -10,6 +10,7 @@ require {
type httpd_log_t; type httpd_log_t;
type httpd_sys_script_exec_t; type httpd_sys_script_exec_t;
type httpd_sys_content_t; type httpd_sys_content_t;
type httpd_tmp_t;
}; };
# ========================================================== # ==========================================================
@ -69,6 +70,11 @@ dontaudit httpd_fastcgi_script_t httpd_config_t:dir search;
fs_search_auto_mountpoints(httpd_fastcgi_script_t) fs_search_auto_mountpoints(httpd_fastcgi_script_t)
# PHP uploads a file to /tmp and then execs programs to action them
allow httpd_fastcgi_script_t httpd_tmp_t:dir manage_dir_perms;
allow httpd_fastcgi_script_t httpd_tmp_t:file manage_file_perms;
files_tmp_filetrans(httpd_fastcgi_script_t,httpd_fastcgi_script_rw_t,{ dir file lnk_file sock_file fifo_file })
files_search_var_lib(httpd_fastcgi_script_t) files_search_var_lib(httpd_fastcgi_script_t)
files_search_spool(httpd_fastcgi_script_t) files_search_spool(httpd_fastcgi_script_t)

6
mod_fcgid.spec
View File

@ -11,7 +11,7 @@
Name: mod_fcgid Name: mod_fcgid
Version: 2.2 Version: 2.2
Release: 1%{?dist} Release: 2%{?dist}
Summary: Apache2 module for high-performance server-side scripting Summary: Apache2 module for high-performance server-side scripting
Group: System Environment/Daemons Group: System Environment/Daemons
License: GPL+ License: GPL+
@ -157,6 +157,10 @@ exit 0
%endif %endif
%changelog %changelog
* Thu Jan 3 2008 Paul Howarth <paul@city-fan.org> 2.2-2
- Update SELinux policy to support file transition to httpd_tmp_t for
temporary files
* Fri Sep 14 2007 Paul Howarth <paul@city-fan.org> 2.2-1 * Fri Sep 14 2007 Paul Howarth <paul@city-fan.org> 2.2-1
- Update to version 2.2 - Update to version 2.2
- Make sure docs are encoded as UTF-8 - Make sure docs are encoded as UTF-8