On 9/2/2015 17:10, Daniel J Walsh wrote:Abort must have been executed under the pyzor context. All SELinux is reporting what the kernel sees. For the record, I freely admit to not understanding the mechanism by which this happened, so if I am totally off base with what I'm about to suggest I apologize for my ignorance. Isn't the fact a separate entity like abrt can make itself look like python was to blame for something it did a cause for some concern? Is it possible some malicious program could use this same masquerade process to assume the identity of some other process and do things SELinux wouldn't normally allow? Tom |
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux