[CentOS] SELinux blocking cgi script from "writing to socket (httpd_t)"
夜神 岩男
supergiantpotato at yahoo.co.jpWed Jan 11 19:50:10 UTC 2012
- Previous message: [CentOS] SELinux blocking cgi script from "writing to socket (httpd_t)"
- Next message: [CentOS] SELinux blocking cgi script from "writing to socket (httpd_t)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 01/12/2012 03:48 AM, Daniel J Walsh wrote: > In Fedora we currently dontaudit this leak. > > audit2allow -i /tmp/t > > > #============= httpd_sys_script_t ============== > #!!!! This avc has a dontaudit rule in the current policy > > allow httpd_sys_script_t httpd_t:udp_socket { read write }; Pow. Reasonable answer, and it isn't so hard to run that command -- its just difficult to understand why its necessary if you don't know anything about the environment, and mystifying if you know the command but nothing about what's going on.
- Previous message: [CentOS] SELinux blocking cgi script from "writing to socket (httpd_t)"
- Next message: [CentOS] SELinux blocking cgi script from "writing to socket (httpd_t)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list