Bug 782517 - Propose that you turn on PrivateTmp=true in service file for ypserv
Propose that you turn on PrivateTmp=true in service file for ypserv
Product: Fedora
Classification: Fedora
Component: ypserv (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Honza Horak
Fedora Extras Quality Assurance
Depends On:
Blocks: PrivateTmp
  Show dependency treegraph
Reported: 2012-01-17 10:52 EST by Daniel Walsh
Modified: 2012-02-01 13:53 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-02-01 07:44:31 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Daniel Walsh 2012-01-17 10:52:41 EST
I would like to propose using PrivateTmp for ypserv systemd unit file
This should make the use of /tmp directory more secure
and avoid users from being able to potentially effect it.

Comment 1 Honza Horak 2012-02-01 07:44:31 EST
No binary or daemon from ypserv operates in /tmp, afaik. Closing this for now, feel free to re-open it if you wish.
Comment 2 Daniel Walsh 2012-02-01 13:53:43 EST
No problem, I will remove the SELinux policy to handle this and we will see if AVC's start happening.

Note You need to log in before you can comment on or make changes to this bug.