SELinux Attack!

Karl Larsen k5di at zianet.com
Sun Oct 14 15:42:09 UTC 2007 

Matthew Saltzman wrote:
> On Sun, 2007-10-14 at 05:35 -0600, Karl Larsen wrote:
>   
>> Erich Zigler wrote:
>>     
>>> On Sat, 13 Oct 2007 11:32:11 -0600 Karl Larsen <k5di at zianet.com> wrote:
>>>
>>>   
>>>       
>>>>     I will not turn on SELinux again until I see a update for dbus.
>>>> It appears dbus is used only by SELinux.
>>>>     
>>>>         
>>> Incorrect. dbus is not used by SELinux. dbus and SELinux do not
>>> depend or require each other. Many GNOME/GTK applications you are
>>> running on your machine require dbus. If you do a ps auxww | grep dbus
>>> right now you will see that it is running.
>>>
>>> D-Bus is a message bus system, a simple way for applications to talk
>>> to one another. In addition to interprocess communication, D-Bus helps
>>> coordinate process lifecycle; it makes it simple and reliable to code a
>>> "single instance" application or daemon, and to launch applications and
>>> daemons on demand when their services are needed.
>>>
>>> D-Bus supplies both a system daemon (for events such as "new hardware
>>> device added" or "printer queue changed") and a per-user-login-session
>>> daemon (for general IPC needs among user applications). Also, the
>>> message bus is built on top of a general one-to-one message passing
>>> framework, which can be used by any two apps to communicate directly
>>> (without going through the message bus daemon). Currently the
>>> communicating applications are on one computer, or through unencrypted
>>> TCP/IP suitable for use behind a firewall with shared NFS home
>>> directories. (Help wanted with better remote transports - the transport
>>> mechanism is well-abstracted and extensible.)
>>>
>>> Source: http://www.freedesktop.org/wiki/Software/dbus
>>>
>>> For an incomplete list of applications that require dbus:
>>> http://www.freedesktop.org/wiki/Software/DbusProjects
>>>
>>> Please please please do some research and googling before you try to
>>> pass off halfcocked misinformation to the list. This negatively impacts
>>> you, this list, and the community. It also affects the potential
>>> user/sysadmin googling for this same issue which comes upon your
>>> misinformation and decides to act on it.
>>>
>>> - Erich
>>>
>>>   
>>>       
>>     I DID Google dbus and it came up with many but one was interesting 
>> to me because it was another user having trouble with SELinux and he 
>> found the same problem I have. He said the problem in dbus was fixed in 
>> FC6 but is again a problem in F7.
>>     
>
> Hey, *I* googled that and told you about it.
>
> That writer also said that the message was harmless, other than filling
> the logs.  In addition, I said that I don't see the message more than a
> few times in my normally operating system.
>
> I'm pretty sure that whatever is causing your major problems, this isn't
> it.
>
> Did you try my suggestion of relabeling and re-enabling SELinux?  Did it
> help?
>
>   
>>     Now. Due to the problem with dbus I can't use SELinux because it 
>> uses dbus and has a problem with that. So your wrong with thinking 
>> SELinux does not use dbus, It certainly does and that I can prove.
>>
>>
>>
>>     
    You were the one who did lead me to that Google page and thanks 
again. This lead to other Google finds that make me think I can turn 
SELinux back on and have a fix to apply when it causes problems that 
seem to be concurrent with a selinux upgrade.




-- 

	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.

More information about the fedora-list mailing list