Selinux: Blocked-Messages in permissive mode?

Daniel J Walsh dwalsh at redhat.com
Mon Feb 18 14:40:42 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tim wrote:
> On Sat, 2008-02-16 at 13:52 -0800, Peter Gordon wrote:
>> My understanding is that you are correct about this. "Permissive" only
>> logs these denials of what _would_ happen should you switch the
>> SELinux configuration to "enforcing" mode. However, the access is
>> still granted. 
> 
> There has been bugs where things did get denied in permissive mode, from
> time to time.
> 
Not since Fedora 2/3 that I am aware of.

Permissive is what it says it is.  It logs messages of denials that
would have happened if the machine was in enforcing mode.

http://danwalsh.livejournal.com/3144.html Has further explanation.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAke5mOoACgkQrlYvE4MpobPi8ACfRtqvLSYEhRDZgQCZZyUX0tLl
OfAAn1xASWbq6bfxXkEs9mjnwNl6qBeu
=nEJN
-----END PGP SIGNATURE-----




More information about the fedora-list mailing list