SELinux mystery
Joe Smith
jes at martnet.com
Wed Nov 14 17:04:22 UTC 2007
Daniel J Walsh wrote:
> You redirected stdout/stderr to a file labeled user_home_t and started
> the Xserver. From that point on ...
Wow. Interesting. So SELinux is actually checking for accesses that
haven't occurred yet? Simply having modprobe run and inherit an open
file descriptor that "looks out of place" (a file in my a user dir) is
enough to trigger a warning (SELinux hasn't actually denied any access,
right?). Pretty slick actually, even if it is mysterious.
Thanks so much for explaining!
<Joe
More information about the fedora-list
mailing list