If you are building a dbus/PolicyKit "mechanism" please tell SELinux developers about it.
Daniel J Walsh
dwalsh at redhat.com
Fri Oct 9 15:48:50 UTC 2009
Remember if you need to build a tool that will run partially as root, we would like to write policy to confine it. A badly written Dbus activation service, can be just as dangerous as a badly written setuid application. We need to have SELinux confinement on the "root" portion of your application.
Dan
More information about the fedora-devel-list
mailing list