Re: SELinux question - to fix bug in Webmin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 30 August 2007, Kenneth Porter <shiva@xxxxxxxxxxxxxxx> wrote:
> Message: 75
<snip>
> You might also want to direct your question to the SELinux people on
> their lists:
> 
> <http://www.redhat.com/mailman/listinfo/fedora-selinux-list>
> <http://www.nsa.gov/selinux/info/list.cfm>
> 
> (I'm curious to know what the solution is, though, so please follow up
> back here with anything you find!)

Ken: I posted on the fedora-selinux-list  Below is the reply from Daniel
J. Walsh at Redhat. Lanny

> This explanation and description of the problem are fine.  We probably
> need a custom policy for webmin to allow iptables to write to scripts
> running as webmin, since catching stderr is important.   There is no
> file context that can be set to allow this.  As I recall from the
> original bug report, iptables was also trying to communicate with
> another open file descriptor.  This one I beleive should be closed on
> exec.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux