On 29/09/2014 13:00, selinux-request(a)lists.fedoraproject.org wrote:
Message: 2 Date: Mon, 29 Sep 2014 10:00:00 +0200 From: Florian
Weimer
<fweimer(a)redhat.com> To: selinux(a)lists.fedoraproject.org Subject: Re:
SELinux and the bash exploit. Message-ID:
<54291180.6020903(a)redhat.com> Content-Type: text/plain; charset=utf-8;
format=flowed On 09/25/2014 11:40 PM, Daniel J Walsh wrote:
> >
https://danwalsh.livejournal.com/71122.html
I wonder why environment variables aren't labeled because they evidently
cross trust boundaries in surprising fashions.
-- Florian Weimer / Red Hat Product Security
Hmm. Quite so. I sense a whole raft of environmental cleansing
mechanisms being added to SELinux any minute now..
--
Ted Rule
Director, Layer3 Systems Ltd
Layer3 Systems Limited is registered in England. Company no 3130393
43 Pendle Road, Streatham, London, SW16 6RT
Tel: 020-8769-4484
Mob: 07946-908914
GPG Fingerprint = 9227:3434:b51d:c7a1:eea6:21e2:418a:8997:c104:7566
E: ejtr(a)layer3.co.uk
W:
http://www.layer3.co.uk/