On 07/16/2009 10:50 PM, Christoph Höger wrote: > Hi, > > after looking at: > http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html > > I wondered if SELinux would not be the right answer to those re-exec > exploits. I guess that pulseaudio should run as something like > pulseaudio_t which has all caps it needs. > Re-exec should not change that as pulseaudio does not need any > transformation of context. > > So short question: Does it work that way? Read this http://blog.namei.org/2009/07/18/a-brief-note-on-the-2630-kernel-null-pointer-vulnerability/ Rahul -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
