who provides /etc/sysconfig/selinux?
Jesse Keating
jkeating at j2solutions.net
Wed Apr 7 20:39:53 UTC 2004
On Wednesday 07 April 2004 13:42, Richard Hally wrote:
> My first guess was that it was provided by anaconda 'cause supposedly
> you only get it if you do an install(rather than upgrade) but doing
> rpm -q--filesby pkg of anaconda does not show it. It look to me like
> it is a back door to turn off SELinux on an unsuspecting sysadmin.
> Richard Hally
Files created by %post scripts of rpms, or by the installer, don't
usually get "owned" by any particular package.
If you have somebody on the system that can write to your
/etc/sysconfig/selinux file while you have SELinux on and enabled, then
it's time to review your SELinux rule set and who you're handing root
accounts out to.
--
Jesse Keating RHCE (geek.j2solutions.net)
Fedora Legacy Team (www.fedoralegacy.org)
GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20040407/2ed36fb8/attachment.sig>
More information about the fedora-test-list
mailing list