SELinux Attack!
Matthew Saltzman
mjs at CLEMSON.EDU
Sun Oct 14 15:23:41 UTC 2007
On Sun, 2007-10-14 at 05:35 -0600, Karl Larsen wrote:
> Erich Zigler wrote:
> > On Sat, 13 Oct 2007 11:32:11 -0600 Karl Larsen <k5di at zianet.com> wrote:
> >
> >
> >> I will not turn on SELinux again until I see a update for dbus.
> >> It appears dbus is used only by SELinux.
> >>
> >
> > Incorrect. dbus is not used by SELinux. dbus and SELinux do not
> > depend or require each other. Many GNOME/GTK applications you are
> > running on your machine require dbus. If you do a ps auxww | grep dbus
> > right now you will see that it is running.
> >
> > D-Bus is a message bus system, a simple way for applications to talk
> > to one another. In addition to interprocess communication, D-Bus helps
> > coordinate process lifecycle; it makes it simple and reliable to code a
> > "single instance" application or daemon, and to launch applications and
> > daemons on demand when their services are needed.
> >
> > D-Bus supplies both a system daemon (for events such as "new hardware
> > device added" or "printer queue changed") and a per-user-login-session
> > daemon (for general IPC needs among user applications). Also, the
> > message bus is built on top of a general one-to-one message passing
> > framework, which can be used by any two apps to communicate directly
> > (without going through the message bus daemon). Currently the
> > communicating applications are on one computer, or through unencrypted
> > TCP/IP suitable for use behind a firewall with shared NFS home
> > directories. (Help wanted with better remote transports - the transport
> > mechanism is well-abstracted and extensible.)
> >
> > Source: http://www.freedesktop.org/wiki/Software/dbus
> >
> > For an incomplete list of applications that require dbus:
> > http://www.freedesktop.org/wiki/Software/DbusProjects
> >
> > Please please please do some research and googling before you try to
> > pass off halfcocked misinformation to the list. This negatively impacts
> > you, this list, and the community. It also affects the potential
> > user/sysadmin googling for this same issue which comes upon your
> > misinformation and decides to act on it.
> >
> > - Erich
> >
> >
> I DID Google dbus and it came up with many but one was interesting
> to me because it was another user having trouble with SELinux and he
> found the same problem I have. He said the problem in dbus was fixed in
> FC6 but is again a problem in F7.
Hey, *I* googled that and told you about it.
That writer also said that the message was harmless, other than filling
the logs. In addition, I said that I don't see the message more than a
few times in my normally operating system.
I'm pretty sure that whatever is causing your major problems, this isn't
it.
Did you try my suggestion of relabeling and re-enabling SELinux? Did it
help?
>
> Now. Due to the problem with dbus I can't use SELinux because it
> uses dbus and has a problem with that. So your wrong with thinking
> SELinux does not use dbus, It certainly does and that I can prove.
>
>
>
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
More information about the users
mailing list