Daniel J Walsh wrote:
Aleksey Nogin wrote:
On 11.03.2004 13:18, Daniel J Walsh wrote:
Is nsupdate a program to be run by an ordinary user?
Yes. But if I understand correctly, it only needs to communicate over
UDP or TCP to a DNS server from an unprivileged port. I do not know
why it wants netlink_sockets.
If yes we need to define a security context for nsupdate to allow it
to access the netlink_sockets.
Are you sure? _Why_ does nsupdate need it? Is it not an nsupdate
deficiency?
nsupdate does the following which looks suspicious.
result = isc_net_probeipv4();
if (result == ISC_R_SUCCESS)
have_ipv4 = ISC_TRUE;
How does one use nsupdate?
I just ran it and it came back with a
>
prompt.
Dan
Probably.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
