[policy-1.9-5] VNC module in X AVC
Aleksey Nogin
aleksey at nogin.org
Sun Mar 21 02:48:15 UTC 2004
On 20.03.2004 18:24, Russell Coker wrote:
>>If I have
>>
>>Load "vnc"
>>
>>in my XF86Config, then by default the vnc module will listen on port
>>5900+display. In policy-1.9-5 this does not seem to be allowed:
>
>
> 5900 is not in /etc/services, is it standard?
It is a standard _offset_ for the VNC protocol - 5900 for :0, 5901 for
:1 - same as with 6000 for X.
> If so we need to
> get /etc/services corrected, and to have the port labeled as xserver_port_t.
This might be reasonable - to reserve :0 for X and force Xvnc (which
might be started by users) use higher display numbers.
--
Aleksey Nogin
Home Page: http://nogin.org/
E-Mail: nogin at cs.caltech.edu (office), aleksey at nogin.org (personal)
Office: Jorgensen 70, tel: (626) 395-2907
More information about the selinux
mailing list