Re: denied avcs for kde again :(

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kevin Kofler wrote:
> Daniel J Walsh wrote:
>> I have also seen similar with it trying to create the directory in
>> /root.  Which is also somewhat bad.  I do not want to give login
>> programs the ability to write to these directories, because attackers
>> without passwords can get the login programs to execute large amounts of
>> codes without ever identifying themselves.  gdm is setup with a homedir
>> of /var/lib/gdm, which allows us to confine the gdm login program.
>>
>> Kde login needs something similar,  I believe there is a bug on this,
>> but it would not hurt to open another.
> 
> KDM runs as root, so of course its homedir is /root. KDM does not support
> running as anything other than root (just like XDM and pretty much any
> display manager other than the latest GDM).
> 
>         Kevin Kofler
> 
Its homedir is not currently /root it is /.  That is what the AVC's are
indicating.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmavNUACgkQrlYvE4MpobNtFQCffL+nby+dxcvRxeO+Vwtd3TKM
zRoAn1DJ4/7ilc25OBsZ+bDv43G8uR4H
=HT6G
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux