Re: CVE-2011-0997: How strictly confined is dhcpc_t?
On Thu, Apr 7, 2011 at 1:04 PM, Christoph A. <casmls(a)gmail.com> wrote:
Hi,
in the light of the security vulnerability in the ISC DHCP client
[1][2][3], the obvious question for a fedora/rh/centos user is:
Does SELinux prevent dhclient from accessing my $HOME (user_home_dir_t)
and /media (mnt_t)?
How strictly confined is dhcpc_t?
In my knowledge of selinux nobody in the selinux
world can access
home directory by default. And this also true for dhcpc. I have not
found, also on fc12, rilevant permission given
to dhcpc_t on user_home_dir_t and /mnt_t : the only found are for or
reading the fs attribute and similar read permission.
Best Regards