>> I am using stunnel to create an encrypted tunnel for SMTP connections to >> my ISP. I have configured xinetd to execute stunnel appropriately when >> a connection is made to localhost:465. This has stopped working when >> using recent strict policies. I now see the following errors in my >> system logs: > inetd_child_t has access to /dev/urandom. If stunnel is labelled as > inetd_child_exec_t then things should just work for you. > > Is stunnel commonly used in any other way than through inetd? If not then > we'll just change the default policy to label it as inetd_child_exec_t. I use stunnel through inetd. It seems like a good way to use it. That's about all that I can attest to. -- Mike
