[Bug 1029710] Amavisd fails to identify attached zipped files with .exe extensions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=1029710

Steve Tindall <s10dal@xxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|needinfo?(s10dal@xxxxxxxxxx |
                   |)                           |



--- Comment #4 from Steve Tindall <s10dal@xxxxxxxxxx> ---
The initial "Description" (see above) may cause some confusion as to what bug I
am describing. Initially, I did not recognize the failure of amavisd to run 7za
as a SELinux denial and then in Comment 1 described the avc denial issues
causing the failure of 7za to list the contents of the zipped file.

On a macro level, I define the bug as amavisd failing to quarantine a mail with
a zipped exe attachment under SELinux Enforcing Policy.

By failure to reproduce the bug, do you mean that you created a zipped exe file
(as detailed above in Description), attached it to a mail, sent the mail and
observed the mail being quarantined/rejected under Enforcing Policy?

Also, the sender should get a rejection notice and a maillog entry containing
"...Blocked BANNED (.asc,contains_zip.exe)..." or similar text should be
present.


Yes, localamavisd is local SELinux policy described in Comment 1 that allows
7za to be called by amavisd. With localamavisd installed under Enforcing
Policy, mail with a zipped exe attachment is quarantined, whereas with
localamavisd removed, the mail is transmitted without being quarantined.


Other info:

# rpm -q amavisd-new p7zip selinux-policy selinux-policy-targeted
amavisd-new-2.8.0-8.el6.noarch
p7zip-9.20.1-2.el6.i686
selinux-policy-3.7.19-231.el6_5.3.noarch
selinux-policy-targeted-3.7.19-231.el6_5.3.noarch

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=LPumoHKEuP&a=cc_unsubscribe
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Legacy Announce]     [Fedora PHP Devel]     [Kernel Devel]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite Information]
  Powered by Linux