On 9/2/2015 17:10, Daniel J Walsh wrote:
Abort must have been executed under the pyzor context. All
SELinux is reporting what the kernel sees.
For the record, I freely admit to not understanding the mechanism by
which this happened, so if I am totally off base with what I'm about
to suggest I apologize for my ignorance.
Isn't the fact a separate entity like abrt can make itself look like
python was to blame for something it did a cause for some concern?
Is it possible some malicious program could use this same masquerade
process to assume the identity of some other process and do things
SELinux wouldn't normally allow?
Tom