Strange Mailman/Sendmail Audit messages in Fedora-10?

Derek Atkins warlord at MIT.EDU
Mon Feb 9 17:47:51 UTC 2009


Hi,

Paul Howarth <paul at city-fan.org> writes:

[snip]
> Do your milters exec other programs? There are a couple of sockets

I don't think so, but I don't know.  I'm using clamav-milter,
spamass-milter, and milter-sender.  I'm pretty sure that the
latter doesn't fork/exec.  I don't know about clamav or spamass.

> involved in the milter process (one in libmilter that shows up in the
> milter process itself, and one at the other end of the connection in
> sendmail) that don't have close-on-exec set, so their descriptors leak
> when they exec other programs, and that looks like what you're seeing
> here. I've submitted patches against 8.14.3 upstream many months ago
> but there hasn't been a new release since.
>
> In the meantime, I expect you can safely dontaudit these.

Okay, how would I do that?

> Paul.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available




More information about the fedora-selinux-list mailing list