SE Linux Questions

Russell Coker russell at coker.com.au
Wed Apr 14 12:58:37 UTC 2004


On Wed, 14 Apr 2004 21:21, Jim Cornette <redhat-jc at insight.rr.com> wrote:
> This is a job that the developers know what errors are valid for aiding
> their forward refinements to the security Linux concept. Automated
> reporting sounds like the most productive way to accomplish this error
> tracking.
>
> Hopefully, this automatic logging and informing developers can be used
> for the early stages of development, then slacked off after refinements
> are successfully implemented and errors with SELinux are very few.

Having AVC messages on their own often does not help in solving problems.  We 
also need to know whether the program continues to work in spite of not being 
granted access (i.e. whether it's something the program really needs).  We also 
need to know what the user is trying to do (consider the example of procmail 
and the Sendmail mqueue directory).

I don't think that an automatic report is of any use unless the administrator 
of the system is prepared to get involved (in which case they can send a 
manual report).

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page





More information about the fedora-test-list mailing list