Re: standard for executable files under /usr/share
On Wed, 19 Mar 2003 02:16, sean finney wrote:
> it was a crude example to get a point across. i think you could
> sufficiently modify a similar script to suit your needs:
>
> find /usr/share -path /usr/share/doc -prune -o -type f -exec file {} \; |
> grep executable | grep -E 'script|whatever'
Another thing, something like this needs to be done at package install time.
When a package is installed it's files need to be labeled, if we add running
"file" on the files in the package to the list of things to do then package
installation becomes even slower.
> > Also this problem will be more difficult to solve for LIDS and other
> > security modules that perform access control based on file names as all
> > those names will have to be known by the kernel.
>
> can they be given a list of filenames, or do you want regular expressions?
Regular expressions are most conveniant.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: