[Fedora] Re: SELinux Attack!

Karl Larsen k5di at zianet.com
Fri Oct 12 18:45:20 UTC 2007 

Alan M. Evans wrote:
> On Fri, 2007-10-12 at 12:09 -0600, Karl Larsen wrote:
>
>   
>> Well I used the edit mode at /etc/sysconfig/selinux and there was 
>> nothing to do. It says that it is in the disabled mode but it isn't. 
>> Where else can I look? All the things on the  gui say that selinux is 
>> turned off because I did that 4 times.  But dmesg says that my computer 
>> is coming up in the passive mode. There MUST be a way to stop this :-(
>>     
>
> At the point you see
>
>         SELinux:  Initializing.
>         SELinux:  Starting in permissive mode
>
> the kernel has barely detected the CPU, memory, and system bus. Of
> course it has to start up in some mode before it's able to read the
> config file. Search further down and you will see 
>
>         SELinux:  Disabled at runtime.
>
> I'm not absolutely certain, but I'd guess that this is still long before
> CUPS starts.
>
>
>   
Well this is what I saw and thought it was accurate:

      .text : 0xc0400000 - 0xc060f3a8   (2108 kB)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
SLUB: Genslabs=22, HWalign=64, Order=0-1, MinObjects=4, CPUs=1, Nodes=1
Calibrating delay using timer specific routine.. 3618.46 BogoMIPS 
(lpj=1809234)
Security Framework v1.0.0 initialized
SELinux:  Initializing.
SELinux:  Starting in permissive mode
selinux_register_security:  Registering secondary module capability
Capability LSM initialized as secondary
Mount-cache hash table entries: 512

The next place I see selinux it says:

VFS: Disk quotas dquot_6.5.1
Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
SELinux:  Registering netfilter hooks
ksign: Installing public key data


OK! I found it. And it says selinux is off:

EXT3-fs: mounted filesystem with ordered data mode.
SELinux:  Disabled at runtime.
SELinux:  Unregistering netfilter hooks
audit(1192181814.563:2): selinux=0 auid=4294967295


Thank you! Others of course claim I do not listen to them. But that is 
not the case. I listen and when what they are wrong I may just not write 
anything.




-- 

	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.

More information about the users mailing list