Re: AVCs seen when running spamass-milter as root

I think these are leaked file descriptors from spamass-milter but the curious thing is, I don't see them when I run the milter in its normal configuration as a non root user; they only appear when it's run as root (which I'm only doing to test a patch for a security vulnerability, and I have to do that in permissive mode too since SELinux makes the vulnerability very difficult to test ;-) ) type=AVC msg=audit(1268768820.019:35365): avc: denied { read write } for pid=4941 comm="spamc" name="1" dev=devpts ino=4 scontext=unconfined_u:system_r:spamc_t:s0 tcontext=unconfined_u:object_r:user_devpts_t:s0 tclass=chr_file type=SYSCALL msg=audit(1268768820.019:35365): arch=c000003e syscall=59 success=yes exit=0 a0=409fae a1=7f6c98000f70 a2=7fff2c255858 a3=7f6ca0ffa7c0 items=0 ppid=1368 pid=4941 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3170 comm="spamc" exe="/usr/bin/spamc" subj=unconfined_u:system_r:spamc_t:s0 key=(null) Why would they only appear when the process that calls spamc is running as root? Paul. -- selinux mailing list selinux(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux