Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Matthew Gillen wrote: >> Did it change the default policy, or just the running policy? > > Neither. It set a property on the file itself (stored by the filesystem). > The texrel_shlib_t is basically a group that needs to do something that most > programs shouldn't need to do. Video codecs are notorious for this > technique though (which is probably one of the reasons they have so many > security problems). Yeah, I finally understood that after I sent that email through more Googling, and studying sealert's output more closely. >> So yes, there's this pretty good tool if you stumble upon it, but how >> can you have a tool that's so invasive without accessible documentation? > > That issue is sort of endemic to linux in general ;-) Agreed, of course, but most of the software that effects the whole system like that are better documented, with the clear exception of X configuration, which will always be black magic. > Part of the answer is that it's still being developed. You might look this > site for more info on the setroubleshoot tool: > https://hosted.fedoraproject.org/projects/setroubleshoot While that page is now only moderately useful, it's a good start, and it's a place to capture more information. After I read more of what's there now, I'll see if I can contribute anything. Thanks. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |