Selinux: Blocked-Messages in permissive mode?
Daniel J Walsh
dwalsh at redhat.com
Mon Feb 18 14:40:42 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim wrote:
> On Sat, 2008-02-16 at 13:52 -0800, Peter Gordon wrote:
>> My understanding is that you are correct about this. "Permissive" only
>> logs these denials of what _would_ happen should you switch the
>> SELinux configuration to "enforcing" mode. However, the access is
>> still granted.
>
> There has been bugs where things did get denied in permissive mode, from
> time to time.
>
Not since Fedora 2/3 that I am aware of.
Permissive is what it says it is. It logs messages of denials that
would have happened if the machine was in enforcing mode.
http://danwalsh.livejournal.com/3144.html Has further explanation.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAke5mOoACgkQrlYvE4MpobPi8ACfRtqvLSYEhRDZgQCZZyUX0tLl
OfAAn1xASWbq6bfxXkEs9mjnwNl6qBeu
=nEJN
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list