SELinux and stunnel

Russell Coker russell at coker.com.au
Tue Jul 20 05:20:58 UTC 2004


On Tue, 20 Jul 2004 11:49, "W. Michael Petullo" <mike at flyn.org> wrote:
> I am using stunnel to create an encrypted tunnel for SMTP connections to
> my ISP.  I have configured xinetd to execute stunnel appropriately when a
> connection is made to localhost:465.  This has stopped working when using
> recent strict policies.  I now see the following errors in my system logs:

inetd_child_t has access to /dev/urandom.  If stunnel is labelled as 
inetd_child_exec_t then things should just work for you.

Is stunnel commonly used in any other way than through inetd?  If not then 
we'll just change the default policy to label it as inetd_child_exec_t.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



More information about the selinux mailing list