Re: No need for AV tools on Linux, eh?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02/12/2011 11:15 AM, Bruno Wolff III wrote:
>
> Most of selinux enforcement is targeted at services and a few user tools
> that commonly process untrusted data (in particular firefox).

Firefox, really?

   $ ps Zax | grep firefox
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 8847 ? S   0:00 /bin/sh 
/usr/lib/firefox-3.6/run-mozilla.sh /usr/lib/firefox-3.6/firefox
   unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 8864 ? Sl   0:01 
/usr/lib/firefox-3.6/firefox
   unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 8880 pts/0 S+   0:00
   $ rpm -qa selinux\*
   selinux-policy-3.9.7-29.fc14.noarch
   selinux-policy-targeted-3.9.7-29.fc14.noarch

Looks about as unconfined as a process can get.  This is from a up-to-date
FC-14 running with the default, targeted policy.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux