-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 <snip> Those rules are not a security risk. Basically they say one process can talk to another process running as denyhosts_t using inherited fifo_files. It also allows denyhosts_t to execute /bin/sh within the same context. Which is also not a problem. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8oZUQACgkQrlYvE4MpobP8OgCg0vODi9N6rI7BjzzqCXOWgPpc oa0AniXfPQmQX7DAUxrQBlNiFWTLBleH =EQMi -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
