Re: selinux Digest, Vol 127, Issue 13

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 29/09/2014 13:00, selinux-request@xxxxxxxxxxxxxxxxxxxxxxx wrote:
Message: 2
Date: Mon, 29 Sep 2014 10:00:00 +0200
From: Florian Weimer <fweimer@xxxxxxxxxx>
To: selinux@xxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: SELinux and the bash exploit.
Message-ID: <54291180.6020903@xxxxxxxxxx>
Content-Type: text/plain; charset=utf-8; format=flowed

On 09/25/2014 11:40 PM, Daniel J Walsh wrote:

> https://danwalsh.livejournal.com/71122.html

I wonder why environment variables aren't labeled because they evidently 
cross trust boundaries in surprising fashions.


-- 
Florian Weimer / Red Hat Product Security


Hmm. Quite so. I sense a whole raft of environmental cleansing mechanisms being added to SELinux any minute now..



-- 
Ted Rule

Director, Layer3 Systems Ltd
Layer3 Systems Limited is registered in England.  Company no 3130393
43 Pendle Road, Streatham, London, SW16 6RT

Tel: 020-8769-4484
Mob: 07946-908914
GPG Fingerprint = 9227:3434:b51d:c7a1:eea6:21e2:418a:8997:c104:7566

E: ejtr@xxxxxxxxxxxx
W: http://www.layer3.co.uk/
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux