Fedora Test Day Summary - Confined Users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Greetings!

This Tuesday was the "Confined Users" Test Day / Fit&Finish [1] (TD/F&F).
Though we expected higher attendance, the results are really valuable.
The most valuable outcome of a test day could be a fact that we should 
bring more attention/people to using/testing SELinux policy and related
tools.

Thanks to all who participated and helped with the organization, 
especially to Dan Walsh who promptly started to resolve reported bugs 
and already fixed some important issues.

Following bugs were reported during the TD/F&F by the participants:

ID  	 Summary
529873 	Openswan/pluto - AVC denials when starting the ipsec service
529870 	SELinux is preventing /usr/bin/python "getattr" access on /home/jlaska/.gvfs.
529871 	SELinux is preventing /usr/bin/python "connectto" access on /var/run/nscd/socket.
529758 	SELinux is preventing /usr/sbin/sendmail.sendmail "module_request" access.
529803 	Your system may be seriously compromised! /usr/sbin/nscd attempted to mmap low kernel memory.
529606 	SELinux is preventing /usr/sbin/modem-manager "read write" access to device noz0.
529738 	SELinux is preventing /lib64/dbus-1/dbus-daemon-launch-helper "execute" access on /usr/sbin/abrtd.
529827 	guest_u user not able to run ps
529830 	SELinux failed to limit the authority of execute of user_u
529903 	SELinux is preventing bash "create" access.
529911 	SELinux is preventing nautilus "read write" access on sr0.
529916 	AVCs with confined "mailuser" sending e-mail
529933 	SELinux is preventing /usr/sbin/abrtd "setattr" access on .abrt.
529934 	SELinux is preventing /usr/sbin/abrtd "write" access on /root.
529951 	SELinux is preventing the /bin/loadkeys from using potentially mislabeled files (Documents).
529953 	hp cups selinux denial
529961 	SELinux is preventing /usr/sbin/abrtd "read" access on Bugzilla.conf. 

Have a nice day, 

/Eduard 


[1] - https://fedoraproject.org/wiki/Test_Day:2009-10-20
[2] - http://docs.fedoraproject.org/selinux-user-guide/f10/en-US/sect-Security-Enhanced_Linux-Targeted_Policy-Confined_and_Unconfined_Users.html
[3] - http://magazine.redhat.com/2008/07/02/writing-policy-for-confined-selinux-users/

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux