SELinux and stunnel

W. Michael Petullo mike at flyn.org
Tue Jul 20 22:06:53 UTC 2004


>> I am using stunnel to create an encrypted tunnel for SMTP connections to
>> my ISP.  I have configured xinetd to execute stunnel appropriately when
>> a connection is made to localhost:465.  This has stopped working when
>> using recent strict policies.  I now see the following errors in my
>> system logs:

> inetd_child_t has access to /dev/urandom.  If stunnel is labelled as
> inetd_child_exec_t then things should just work for you.
>
> Is stunnel commonly used in any other way than through inetd?  If not then
> we'll just change the default policy to label it as inetd_child_exec_t.

I use stunnel through inetd.  It seems like a good way to use it.  That's
about all that I can attest to.

--
Mike




More information about the selinux mailing list