On Thu, Aug 4, 2011 at 2:14 PM, Aaron Sowry <aaron@xxxxxxxxx> wrote:
> It appears that with SELinux enabled, the LD_LIBRARY_PATH environment
> variable is not inherited by user processes forked by a root process.
> This is on RHEL6.
>
> What is the general SELinux policy regarding LD_LIBRARY_PATH? Is there
> any way to change this behaviour? I couldn't find any documentation
> regarding this.
If the fork results in a type transition (say from sysadm_t to mozilla_t), then the environment is cleaned up (see glibc's AT_SECURE setting).
If you do not want the environment to be cleared, allow noatsecure, like so:
allow sysadm_t mozilla_t:process noatsecure;
Wkr,
Sven Vermeulen
PS Aaron sorry for double post, reply-to went to you instead of mailinglist.
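
Added example, not part of the original thread: a small diagnostic to run as the target program, reporting whether the kernel started it in secure-execution mode (AT_SECURE) and which dynamic-loader variables are still in its environment. The function names and the variable list (a subset of what glibc treats as unsafe) are choices made for this example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>   /* getauxval(), AT_SECURE (glibc >= 2.16) */

extern char **environ;

/* Subset of the loader variables glibc ignores and removes when AT_SECURE is set. */
static const char *const LOADER_VARS[] = {
    "LD_LIBRARY_PATH", "LD_PRELOAD", "LD_AUDIT", "LD_DEBUG_OUTPUT",
};
#define N_LOADER_VARS (sizeof LOADER_VARS / sizeof LOADER_VARS[0])

/* 1 if the kernel flagged this exec as secure, e.g. setuid/setgid or an
 * SELinux domain transition where noatsecure is not allowed. */
int secure_exec_mode(void)
{
    return getauxval(AT_SECURE) != 0;
}

/* 1 if entry has the form "NAME=..." for exactly this NAME. */
static int entry_is(const char *entry, const char *name)
{
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && entry[n] == '=';
}

/* Count loader variables in a NULL-terminated environment block and,
 * if verbose is non-zero, print each one that is present. */
int surviving_loader_vars(char *const *envp, int verbose)
{
    int count = 0;
    for (; envp && *envp; envp++)
        for (size_t i = 0; i < N_LOADER_VARS; i++)
            if (entry_is(*envp, LOADER_VARS[i])) {
                count++;
                if (verbose)
                    printf("  survived: %s\n", *envp);
            }
    return count;
}

int main(void)
{
    printf("AT_SECURE = %d\n", secure_exec_mode());
    int n = surviving_loader_vars(environ, 1);
    printf("%d loader variable(s) present in the environment\n", n);
    return 0;
}
```

AT_SECURE = 1 with no surviving variables means the environment was cleaned on the transition; AT_SECURE = 0 with LD_LIBRARY_PATH present means either no transition took place or noatsecure is allowed for that domain pair.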