Date: Fri, 26 Sep 2003 10:12:19 -0700 (PDT) From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 38659 for review Message-ID: <200309261712.h8QHCJJn033160@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=38659 Change 38659 by areisse@areisse_tislabs on 2003/09/26 10:11:56 apache policy modified for FreeBSD Affected files ... .. //depot/projects/trustedbsd/sebsd_policy/policy/domains/program/unused/apache.te#2 edit .. //depot/projects/trustedbsd/sebsd_policy/policy/file_contexts/program/apache.fc#2 edit Differences ... ==== //depot/projects/trustedbsd/sebsd_policy/policy/domains/program/unused/apache.te#2 (text+ko) ==== @@ -336,7 +336,7 @@ ################################################################ # Allow the web server to run scripts and serve pages ############################################################## -allow httpd_t httpd_sys_content_t:file r_file_perms; +allow httpd_t httpd_sys_content_t:{lnk_file file} r_file_perms; allow httpd_t httpd_sys_content_t:dir r_dir_perms; allow httpd_t httpd_sys_htaccess_t: file r_file_perms; ==== //depot/projects/trustedbsd/sebsd_policy/policy/file_contexts/program/apache.fc#2 (text+ko) ==== @@ -1,26 +1,16 @@ # apache -/var/www/html(/.*)? system_u:object_r:httpd_sys_content_t -/var/www/mrtg(/.*)? system_u:object_r:httpd_sys_content_t -/var/www/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_t -/usr/lib/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_t -/var/www/perl(/.*)? system_u:object_r:httpd_sys_script_t -/var/www/icons(/.*)? system_u:object_r:httpd_sys_content_t -/var/cache/httpd(/.*)? system_u:object_r:httpd_cache_t -/etc/httpd system_u:object_r:httpd_config_t -/etc/httpd/conf(/.*)? system_u:object_r:httpd_config_t -/etc/httpd/logs system_u:object_r:httpd_log_files_t -/etc/httpd/modules system_u:object_r:httpd_modules_t -/etc/apache(2)?(/.*)? system_u:object_r:httpd_config_t -/etc/vhosts system_u:object_r:httpd_config_t -/usr/lib/apache(/.*)? system_u:object_r:httpd_modules_t -/usr/lib/apache2/modules(/.*)? system_u:object_r:httpd_modules_t -/usr/sbin/httpd system_u:object_r:httpd_exec_t -/usr/sbin/apache(2)? system_u:object_r:httpd_exec_t -/usr/sbin/suexec system_u:object_r:httpd_suexec_exec_t -/usr/lib/cgi-bin/(nph-)?cgiwrap(d)? system_u:object_r:httpd_suexec_exec_t -/usr/lib/apache(2)?/suexec(2)? system_u:object_r:httpd_suexec_exec_t +/usr/local/www/data(/.*)? system_u:object_r:httpd_sys_content_t +/usr/local/www/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_t +/usr/local/www/icons(/.*)? system_u:object_r:httpd_sys_content_t +#/var/cache/httpd(/.*)? system_u:object_r:httpd_cache_t +/usr/local/etc/apache system_u:object_r:httpd_config_t +/usr/local/libexec/apache(/.*)? system_u:object_r:httpd_modules_t +/usr/local/sbin/httpd system_u:object_r:httpd_exec_t +#/usr/sbin/suexec system_u:object_r:httpd_suexec_exec_t +#/usr/lib/cgi-bin/(nph-)?cgiwrap(d)? system_u:object_r:httpd_suexec_exec_t +#/usr/lib/apache(2)?/suexec(2)? system_u:object_r:httpd_suexec_exec_t /var/log/httpd(/.*)? system_u:object_r:httpd_log_files_t -/var/log/apache(2)?(/.*)? system_u:object_r:httpd_log_files_t -/var/log/cgiwrap\.log.* system_u:object_r:httpd_log_files_t -/var/cache/ssl.*\.sem system_u:object_r:httpd_cache_t +#/var/log/apache(2)?(/.*)? system_u:object_r:httpd_log_files_t +#/var/log/cgiwrap\.log.* system_u:object_r:httpd_log_files_t +#/var/cache/ssl.*\.sem system_u:object_r:httpd_cache_t /var/run/apache(2)?.pid.* system_u:object_r:httpd_var_run_t
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309261712.h8QHCJJn033160>