Re: No need for AV tools on Linux, eh?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: No need for AV tools on Linux, eh?
From: Robert Nichols <rnicholsNOSPAM@xxxxxxxxxxx>
Date: Sat, 12 Feb 2011 15:39:03 -0600
Delivered-to: users@xxxxxxxxxxxxxxxxxxxxxxx
In-reply-to: <20110212171531.GA14240@xxxxxxxx>
List-archive: <http://lists.fedoraproject.org/pipermail/users>
List-help: <mailto:[email protected]?subject=help>
List-id: Community support for Fedora users <users.lists.fedoraproject.org>
List-post: <mailto:[email protected]>
List-subscribe: <https://admin.fedoraproject.org/mailman/listinfo/users>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://admin.fedoraproject.org/mailman/listinfo/users>, <mailto:[email protected]?subject=unsubscribe>
References: <4D54534B.7060309@xxxxxxxxxxxxx> <AANLkTinuc1AgXbKH6-iTPZmcNS7gJZ1P=jJJoWc=Zxv9@xxxxxxxxxxxxxx> <4D546183.2030807@xxxxxxxxxxxxx> <4D54683A.4030502@xxxxxxxxx> <EC9B8454262A49F4A9090DAF75F3D85E@Superchick> <1297514767.2496.5.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <FF415C86002D4FF7AD6E915CE9E868D1@Superchick> <20110212171531.GA14240@xxxxxxxx>
Reply-to: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: users-bounces@xxxxxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.15) Gecko/20101027 Fedora/3.0.10-1.fc12 Thunderbird/3.0.10

On 02/12/2011 11:15 AM, Bruno Wolff III wrote:
>
> Most of selinux enforcement is targeted at services and a few user tools
> that commonly process untrusted data (in particular firefox).

Firefox, really?

   $ ps Zax | grep firefox
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 8847 ? S   0:00 /bin/sh 
/usr/lib/firefox-3.6/run-mozilla.sh /usr/lib/firefox-3.6/firefox
   unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 8864 ? Sl   0:01 
/usr/lib/firefox-3.6/firefox
   unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 8880 pts/0 S+   0:00
   $ rpm -qa selinux\*
   selinux-policy-3.9.7-29.fc14.noarch
   selinux-policy-targeted-3.9.7-29.fc14.noarch

Looks about as unconfined as a process can get.  This is from a up-to-date
FC-14 running with the default, targeted policy.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Follow-Ups:
- Re: No need for AV tools on Linux, eh?
  - From: Bruno Wolff III

References:
- No need for AV tools on Linux, eh?
  - From: jdow
- Re: No need for AV tools on Linux, eh?
  - From: Fernando Cassia
- Re: No need for AV tools on Linux, eh?
  - From: jdow
- Re: No need for AV tools on Linux, eh?
  - From: Rahul Sundaram
- Re: No need for AV tools on Linux, eh?
  - From: Darr
- Re: No need for AV tools on Linux, eh?
  - From: Tim
- Re: No need for AV tools on Linux, eh?
  - From: Darr
- Re: No need for AV tools on Linux, eh?
  - From: Bruno Wolff III

Prev by Date: RE: "why is my Linux so damn slow?"
Next by Date: Re: Where can I find a functional nslookup?
Previous by thread: Re: No need for AV tools on Linux, eh?
Next by thread: Re: No need for AV tools on Linux, eh?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux