Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing Listcdrecord deadlocks linux 2.6.8.1 (problem in setscheduler)
From: Thomas Bleher <bleher_at_informatik.uni-muenchen.de>
Date: Mon, 18 Oct 2004 14:43:32 +0200
I have just written selinux policy for cdrecord. While writing this policy cdrecord constantly locked up the computer (even in permissive mode). When booting with selinux=0 the problem went away.
After digging around for a while, the following seems to be happening:
When I grant cdrecord CAP_SYS_NICE everything works fine. I think SELinux shouldn't generate a log message in this case; like it is already suppressed for setsched. To test, add the attached policy, remove sys_nice from the allowed caps and simply call cdrecord without parameters. Thomas -- http://www.cip.ifi.lmu.de/~bleher/selinux/ - my SELinux pages GPG-Fingerprint: BC4F BB16 30D6 F253 E3EA D09E C562 2BAE B2F4 ABE7Received on Mon 18 Oct 2004 - 08:49:43 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |