Strict policy working?
Jimmy
Tomtefans at gmail.com
Thu Nov 30 20:10:58 UTC 2006
Does the strict policy work at all?
Ive installed FC6 4 times on 2 different PCs, and after the default
installation ive installed the strict policypackage and enabled it,
relabeled the disk and rebooted it.
X boots up, but i cant login. I get an error message, and looking deeper
into it it says:
"Xlib: connection to ":0.0" refused by server
Xlib: no protocol specified
xrdb: Can´t open display ':0'
...
..."
When i switch off enforced (setenforce 0), it works fine. I have tried
this with the latest policy and updates as well, and seriously starting
to wonder if the policy really works "out of the box".
The reason i want the strict policy is Fedoras own description of the
strict policy:
"Strict policy works best where you have a controlled userspace. For
example, you can setup a security policy where your users are only
allowed to use the Web browser to view files on the Internet and only
allowed to download to certain directories. You could limit what
applications the Web browser can launch to /helper/ applications."
This is exactly what i want to do, i want to be able to boot up a FC6 on
my Vmware machine, and start a firefox session and browse some stuff on
the web in a secure way.
Sooo... is the strict policy broken, or am i broken? ;)
With best regards / Tomten
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20061130/52791d5f/attachment.htm>
More information about the fedora-selinux-list
mailing list