On Fri, 2010-04-30 at 03:39 -0400, W B Hacker wrote:
> Ron White wrote:
> *snip*
>
> This part should have a new thread of its own if it is to be pursued.
>
> >
> > Moving on from that - today I turn my attention to Clamav and Exim and
> > in particular SELinux on the Cent5 box. The installation was really easy
> > but there are some issues with clam being able to access files in
> > the /scan directory.
> >
> > This is a subject I know nothing about, but want to resist the
> > temptation to do the defacto 'disable SELinux'. Luckily I have the
> > weekend ahead to study and see if I can work it out. Wish me luck!
> >
>
> Not sure if it fits YOUR need, but we create a special group for our 'postal
> workers' (Exim, ClamAV, SA, Dovecot, Prayer, et al), one OTHER THAN the
> mail:mailnull or other legacy defaults.
>
> Group rights on the fs, and matching EUID:EGID in the DB keep all those players
> *and no others* in the same ring-fence.
>
>
> JM2CW
>
> Bill
>
>
At the moment Bill that is mostly Chinese to me - I have some serious
reading to do. I'll save this message in my notecase and hopefully it
will be clear to me after I've had a look at 'the screwdrivers guide to
SELinux' :-)