httpd is running with type:
root:system_r:unconfined_t
What does this mean? Is httpd a vulnerability on this machine?
On Jun 22, 2005, at 6:35 PM, Colin Walters wrote:
On Wed, 2005-06-22 at 17:41 -0400, Jon August wrote:
I updated the policy after I found that there was a bug with starting
DHCP and since then I haven't had any issues getting things to work.
Things like a CGI script running sendmail to send an email - which
used to show up in the audit log, now work fine.
What can I do to see if SELinux is still paying attention?
You can run 'ps axZ | grep processname' to see the security context
that
a process is running under. For example,
[root@nexus walters]# ps axZ | grep httpd
root:system_r:httpd_t 2723 ? Ss 0:00 /usr/
sbin/httpd
If you see httpd_t then you can be pretty sure your CGI script is
confined. The only way it could not be, off the top of my head, is if
you have a script labeled with the type
httpd_unconfined_script_exec_t.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
