fedora-selinux January 2012 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: Re: Issue with updating denyhosts to use systemd

Re: Issue with updating denyhosts to use systemd

From: Daniel J Walsh <dwalsh_at_nospam>
Date: Tue Jan 31 2012 - 22:03:49 GMT
To: Jason L Tibbitts III <tibbs@math.uh.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

<snip>

Those rules are not a security risk. Basically they say one process
can talk to another process running as denyhosts_t using inherited
fifo_files.

It also allows denyhosts_t to execute /bin/sh within the same context.
 Which is also not a problem.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8oZUQACgkQrlYvE4MpobP8OgCg0vODi9N6rI7BjzzqCXOWgPpc
oa0AniXfPQmQX7DAUxrQBlNiFWTLBleH
=EQMi
-----END PGP SIGNATURE-----
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux