policy for mgetty fax receive and new_fax
Klaus Lichtenwalder
k.lichtenwalder at computer.org
Tue Dec 29 11:27:56 UTC 2009
Am Dienstag, den 29.12.2009, 12:16 +0100 schrieb Dominick Grift:
> On Tue, Dec 29, 2009 at 10:17:36AM +0100, Klaus Lichtenwalder wrote:
> > Hi,
> >
> > just tried receiving a fax with mgetty (and notifying me via email with
> > the attached fax)
> > Watching all denials flowing by (permissive mode,
> > selinux-policy-targeted-3.6.32-59.fc12.noarch) I'm wondering whether
> > someone already started preparing a policy or whether I should try to
> > start it on myself? Anyone knows? Google does not find much of value
>
> Can you show us the AVC denials?
Sure, no problem. One thing, as a first step I put new_fax into bin_t,
as this was a suggestion from sealert output.
I do think this probably does not belong to the getty policy, as mgetty,
receiving a fax, does far more than standard getty, imho.
Klaus
--
------------------------------------------------------------------------
Klaus Lichtenwalder, Dipl. Inform., http://lklaus.homelinux.org/Klaus/
PGP Key fingerprint: A5C0 F73A 2C83 96EE 766B 9C62 DB6D 1258 0E9B B6D1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: MGETTY-POL
Type: text/x-vhdl
Size: 7278 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091229/ca6edfe8/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20091229/ca6edfe8/attachment.sig>
More information about the fedora-selinux-list
mailing list