kernel-2.6.7-1.439: 'new' AVCs at boot time
Russell Coker
russell at coker.com.au
Tue Jun 29 16:34:26 UTC 2004
On Wed, 30 Jun 2004 01:28, Stephen Smalley <sds at epoch.ncsc.mil> wrote:
> It should be harmless, as any attempt by udev to access proc before it
> is mounted is going to fail anyway, so this just changes the error
> condition (ENOENT -> EACCES).
We will have to add a dontaudit rule for it as we do for a number of other
domains that may access mount points before the file system is mounted.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list