rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

No need for httpd_builtin_scripting to be set for httpd_t to be allowed to read files.

Browse Source
This commit is contained in:
Dominick Grift 2010-09-17 08:40:04 +02:00
parent c53b75bdd2
commit bbdbce34c2
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policy/modules/services/apache.te
View File

@ -1140,14 +1140,11 @@ tunable_policy(`httpd_enable_homedirs',`
') ')
tunable_policy(`httpd_read_user_content',` tunable_policy(`httpd_read_user_content',`
userdom_read_user_home_content_files(httpd_t)
userdom_read_user_home_content_files(httpd_user_script_t) userdom_read_user_home_content_files(httpd_user_script_t)
userdom_read_user_home_content_files(httpd_suexec_t) userdom_read_user_home_content_files(httpd_suexec_t)
') ')
tunable_policy(`httpd_read_user_content && httpd_builtin_scripting',`
userdom_read_user_home_content_files(httpd_t)
')
# Removal of fastcgi, will cause problems without the following # Removal of fastcgi, will cause problems without the following
typealias httpd_sys_script_exec_t alias httpd_fastcgi_script_exec_t; typealias httpd_sys_script_exec_t alias httpd_fastcgi_script_exec_t;
typealias httpd_sys_content_t alias { httpd_fastcgi_content_t httpd_fastcgi_script_ro_t }; typealias httpd_sys_content_t alias { httpd_fastcgi_content_t httpd_fastcgi_script_ro_t };