On 9/2/2015 17:10, Daniel J Walsh wrote:
Abort must have been executed under the pyzor context. All SELinux
is
reporting what the kernel sees.
For the record, I freely admit to not understanding the mechanism by
which this happened, so if I am totally off base with what I'm about to
suggest I apologize for my ignorance.
Isn't the fact a separate entity like abrt can make itself look like
python was to blame for something it did a cause for some concern? Is it
possible some malicious program could use this same masquerade process
to assume the identity of some other process and do things SELinux
wouldn't normally allow?
Tom