Re: selinux eradicator?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora <fedora-list@xxxxxxxxxx>
Subject: Re: selinux eradicator?
From: Jim Cornette <fc-cornette@xxxxxxxxxxxxxx>
Date: Thu, 28 Jun 2007 23:38:13 -0400
In-reply-to: <46847D25.5080708@xxxxxxxxxxxxx>
References: <20070626212943.127a97fe@zooty> <46841730.4080508@xxxxxxxxxxxxx> <4684286F.7060203@xxxxxxxxxx> <46842C82.1000601@xxxxxxxxxx> <46843283.3030905@xxxxxxxxxx> <468440D1.8080802@xxxxxxxxx> <4684458D.6010400@xxxxxxxxxxxxx> <46844894.3010002@xxxxxxxxxxxxxxxxx> <4684515F.20900@xxxxxxxxxxxxx> <468454CA.3020400@xxxxxxxxxxxxxxxxx> <46845CCE.20306@xxxxxxxxxxxxx> <4684608B.30908@xxxxxxxxxxxxxxxxx> <46846BC4.8040006@xxxxxxxxxxxxx> <4684717F.3060404@xxxxxxxxxxxxxxxxx> <46847D25.5080708@xxxxxxxxxxxxx>
Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.4) Gecko/20070531 Fedora/1.1.2-1.fc7 SeaMonkey/1.1.2

Mike McCarty wrote:


A machine running current SELinux implementation is provably
less secure in some senses than one which is not.


From a very recent security update for httpd.

Update Information:

The Apache HTTP Server did not verify that a process was an
Apache child process before sending it signals. A local
attacker with the ability to run scripts on the Apache HTTP
Server could manipulate the scoreboard and cause arbitrary
processes to be terminated which could lead to a denial of
service (CVE-2007-3304). This issue is not exploitable on
Fedora if using the default SELinux targeted policy.


Just a passing example.

Jim

Follow-Ups:
- Re: selinux eradicator?
  - From: Mike McCarty

References:
- selinux eradicator?
  - From: Tom Horsley
- Re: selinux eradicator?
  - From: Mike McCarty
- Re: selinux eradicator?
  - From: Karl Larsen
- Re: selinux eradicator?
  - From: Matthew J. Roth
- Re: selinux eradicator?
  - From: Karl Larsen
- Re: selinux eradicator?
  - From: David Boles
- Re: selinux eradicator?
  - From: Mike McCarty
- Re: selinux eradicator?
  - From: Rahul Sundaram
- Re: selinux eradicator?
  - From: Mike McCarty
- Re: selinux eradicator?
  - From: Rahul Sundaram
- Re: selinux eradicator?
  - From: Mike McCarty
- Re: selinux eradicator?
  - From: Rahul Sundaram
- Re: selinux eradicator?
  - From: Mike McCarty
- Re: selinux eradicator?
  - From: Rahul Sundaram
- Re: selinux eradicator?
  - From: Mike McCarty

Prev by Date: Re: selinux eradicator?
Next by Date: Re: selinux eradicator?
Previous by thread: Re: selinux eradicator?
Next by thread: Re: selinux eradicator?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]