Kevin Fenzi kevin at
Tue Sep 3 15:48:52 UTC 2013

On Tue, 03 Sep 2013 10:10:32 -0400
Jay Greguske <jgregusk at> wrote:

> If we had SELinux policy enabled on the builders and used MLS on the
> chroots that would mitigate chroot-to-chroot attacks. I'm not sure if
> policy could prevent a chroot'ed process from getting access to the
> builder's certificate. If it could, I think getting SELinux working on
> the builders would be an easier path than re-writing koji to use VMs.
> Maybe someone with more expertise could comment on the latter issue.

In the past we had selinux disabled on the builders, as mock didn't
handle selinux very well at all and there were issues. (even in
permissive mode).

With this switch to Fedora 19 for builders, we also enabled selinux in
permissive mode to gather information on any outstanding issues/avcs. 

Ideally I would like to get them all to enforcing and make sure we lock
down the builds as much as we are able from the vm. 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <>

More information about the devel mailing list