No need for AV tools on Linux, eh?
Bruno Wolff III
bruno at wolff.to
Sun Feb 13 06:17:15 UTC 2011
On Sat, Feb 12, 2011 at 22:25:41 -0600,
Robert Nichols <rnicholsNOSPAM at comcast.net> wrote:
>
> All the plugins on my F-14 and F-12 machines have context
> system_u:object_r:lib_t with the exception of nppdf.so which
> is unconfined_u:object_r:lib_t. Nothing there that's going to
> cause a transition out of unconfined_t.
This is the article that I probably remember this from. There is a plugin
wrapper that is used to have a transition. It also talks about some of the
issues with trying to confine a web browser.
http://danwalsh.livejournal.com/15700.html?thread=117076
> I keep hearing noise about how vital it is to have SELinux protecting
> against browser exploits, but I've yet to see any evidence that a
> standard (i.e., targeted policy) SELinux installation has anything
> beyond execmem protection for the browser process, or, for that matter,
> for a lot of other vulnerable targets such as the thunderbird mail
> reader or the evince and acroread document viewers.
It's probably even more important for mail clients since they process
unsolicited data.
More information about the users
mailing list