Is anyone else running Drupal on Fedora FC3 or any other system implementing targeted policy for Security Enhanced Linux?
No, but I know what you're talking about.
I'm having the following issue: image module execs the convert binary from the imagemagick package. Because this call passes command line arguments, PHP execs bash to process the command. The default SELinux policy does not allow httpd to execute bash, and Has anyone found a reasonable compromise for this situation?
I believe the policy allows httpd to execute Perl (for CGI scripts), so you could make a Perl wrapper script to call 'convert', then modify your policy to allow that script access to 'convert'. I think. I've had so much (un-related Drupal problems) with SELinux that I ended up turning it off. -- Morbus Iff ( you are nothing without your robot car, NOTHING! ) Culture: http://www.disobey.com/ and http://www.gamegrene.com/ Spidering Hacks: http://amazon.com/exec/obidos/ASIN/0596005776/disobeycom icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus