Thanks for your help Dominick, a few comments below...<br><br><div class="gmail_quote">On Mon, Oct 3, 2011 at 12:39 PM, Dominick Grift <span dir="ltr">&lt;<a href="mailto:dominick.grift@gmail.com">dominick.grift@gmail.com</a>&gt;</span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">On Mon, 2011-10-03 at 12:29 -0400, Scott Gifford wrote:<br>
&gt; PHP uploads files into a temporary directory, where they are given the<br>
&gt; label &quot;httpd_tmp_t&quot;.  When a PHP script processes them, it<br>
&gt; calls move_uploaded_file to move the newly uploaded file into its<br>
&gt; final location.  This function does some validity checks, then does a<br>
&gt; rename(2) from the temporary location to the location passwd to<br>
&gt; move_uploaded_file.<br>
<br>
</div>Your web app would need to copy the file instead.<br></blockquote><div><br></div><div>Certainly that is possible.  It is not the normal idiom for PHP uploaded files though, and bypasses the checks that the system libraries provide when using move_uploaded_file.</div>

<div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Or why not make your app create the file in the final destination in the<br>
first place. then rename it there.<br></blockquote><div><br></div><div>The PHP system libraries handle the file upload itself, and PHP code doesn&#39;t run until the file is uploaded.  So there isn&#39;t really a practical way to do this without jumping pretty far outside of PHP norms.</div>

<div><br></div><div>[ ... ] </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">
<br>
&gt; I am wondering if there is some good way to automatically relabel this<br>
&gt; file when it is renamed?<br>
<br></div></blockquote><div>[ ... ] </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">
<br>
</div>That is not practical because whatever moves the file might not be<br>
allowed to relabelto the target location type.<br></blockquote><div><br></div><div>Right, but then I would simply expect a denial, just as I would if I tried to do some other operation not allowed by SELinux, and would modify my policy to allow that.  I think the issues here aren&#39;t fundamentally different than with copying the file, except of course the needed permission would be different.</div>

<div><br></div><div>As for Dan&#39;s suggestion to use an upload directory with the correct label: The upload is handled by the PHP libraries and so doesn&#39;t know what context the file should end up with at the time it is being created; it will really depend on where it is copied to.</div>

<div><br></div><div>Maybe one solution would be to first move the file to a temporary name (giving the checks that PHP&#39;s move_uploaded_file provides), then copy it to its final name (which will relabel).  Could be a fair bit of extra work for the OS if the file is large, but for this application it might be workable.</div>

<div><br></div><div>I&#39;ll also take a look at what would be required to patch PHP to get the behavior I was expecting.</div><div><br></div><div>Thanks again for your suggestions!<br><br></div><div>-----Scott.</div><div>

<br></div></div>