[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

privoxy.te



Running strict/enforcing off of latest rawhide
(selinux-policy-strict-1.18.2-2):

privoxy generates:

Nov  7 13:44:10 fedora kernel: audit(1099863850.432:0): avc:  denied 
{ connect } for  pid=14703 exe=/usr/sbin/privoxy
scontext=system_u:system_r:privoxy_t
tcontext=system_u:system_r:privoxy_t tclass=udp_socket
Nov  7 13:44:10 fedora kernel: audit(1099863850.469:0): avc:  denied 
{ connect } for  pid=14703 exe=/usr/sbin/privoxy
scontext=system_u:system_r:privoxy_t
tcontext=system_u:system_r:privoxy_t tclass=tcp_socket

This patch seems to fix it:
--- SAVE/privoxy.te     2004-11-07 18:00:09.433732712 -0800
+++ ./privoxy.te        2004-11-07 18:00:40.419276794 -0800
@@ -18,6 +18,7 @@
 # Use the network.
 can_network(privoxy_t)
 allow privoxy_t port_t:{ tcp_socket udp_socket } name_bind;
+allow privoxy_t self:{ tcp_socket udp_socket } connect;
 allow privoxy_t etc_t:file { getattr read };
 allow privoxy_t self:capability { setgid setuid };
 allow privoxy_t self:unix_stream_socket create_socket_perms ;


tom
-- 
Tom London


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]