Issue with updating denyhosts to use systemd
Daniel J Walsh
dwalsh at redhat.com
Tue Jan 31 22:03:49 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
<snip>
Those rules are not a security risk. Basically they say one process
can talk to another process running as denyhosts_t using inherited
fifo_files.
It also allows denyhosts_t to execute /bin/sh within the same context.
Which is also not a problem.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk8oZUQACgkQrlYvE4MpobP8OgCg0vODi9N6rI7BjzzqCXOWgPpc
oa0AniXfPQmQX7DAUxrQBlNiFWTLBleH
=EQMi
-----END PGP SIGNATURE-----
More information about the selinux
mailing list