[Fedora] Re: SELinux Attack!
Karl Larsen
k5di at zianet.com
Fri Oct 12 18:45:20 UTC 2007
Alan M. Evans wrote:
> On Fri, 2007-10-12 at 12:09 -0600, Karl Larsen wrote:
>
>
>> Well I used the edit mode at /etc/sysconfig/selinux and there was
>> nothing to do. It says that it is in the disabled mode but it isn't.
>> Where else can I look? All the things on the gui say that selinux is
>> turned off because I did that 4 times. But dmesg says that my computer
>> is coming up in the passive mode. There MUST be a way to stop this :-(
>>
>
> At the point you see
>
> SELinux: Initializing.
> SELinux: Starting in permissive mode
>
> the kernel has barely detected the CPU, memory, and system bus. Of
> course it has to start up in some mode before it's able to read the
> config file. Search further down and you will see
>
> SELinux: Disabled at runtime.
>
> I'm not absolutely certain, but I'd guess that this is still long before
> CUPS starts.
>
>
>
Well this is what I saw and thought it was accurate:
.text : 0xc0400000 - 0xc060f3a8 (2108 kB)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
SLUB: Genslabs=22, HWalign=64, Order=0-1, MinObjects=4, CPUs=1, Nodes=1
Calibrating delay using timer specific routine.. 3618.46 BogoMIPS
(lpj=1809234)
Security Framework v1.0.0 initialized
SELinux: Initializing.
SELinux: Starting in permissive mode
selinux_register_security: Registering secondary module capability
Capability LSM initialized as secondary
Mount-cache hash table entries: 512
The next place I see selinux it says:
VFS: Disk quotas dquot_6.5.1
Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
SELinux: Registering netfilter hooks
ksign: Installing public key data
OK! I found it. And it says selinux is off:
EXT3-fs: mounted filesystem with ordered data mode.
SELinux: Disabled at runtime.
SELinux: Unregistering netfilter hooks
audit(1192181814.563:2): selinux=0 auid=4294967295
Thank you! Others of course claim I do not listen to them. But that is
not the case. I listen and when what they are wrong I may just not write
anything.
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
More information about the fedora-list
mailing list