On Sat, Dec 26, 2009 at 12:27:28PM +0100, Dominick Grift wrote: > > I'm using Fedora 12 and was wondering why, If I I run my sshd on a non- > > standard port...why don't SELinux registers an access violation? > > I see that "ssh_port_t" is there (attached to port 22) ... Is this not > > implemented yet for SSHD? > Good question. It seems that the policy maintainer decided to allow sshd_t to all unreserved ports. > corenet_tcp_bind_all_unreserved_ports($1_t) in ssh_server_template services/ssh.if > I dont know why and i rather not allow it to bind to all unreserved port by default either, Possibly needed for ssh port forwarding? -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
