[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ifupdown writes to /etc... a bug?

On Wed, 26 Mar 2003 19:37, Goswin Brederlow wrote:
> > sendmail daemon
> > sendmail -t run by the user for some mail servers
> > Various daemon start scripts.
> > ntpd
> > hotplug
> > samba
>
> Why would they ever need to write to /etc? They can and should all use
> /var for machine writeable files.

Samba has it's smbpasswd file that is written by network password changes, and 
a few other writable files.

I don't know why the others need such access.  I just looked at the SE Linux 
policy tree to see which programs were permitted to write to files under 
/etc, apparently the programs would not work properly without the access 
being granted.

Please let me know when you've fixed sendmail, hotplug, ntpd, and samba, then 
I'll update my SE Linux policy accordingly and give you a list of other 
programs with write access.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
Reply to: