55336 – SnortSnarf SELinux Policy

Bug 55336 - SnortSnarf SELinux Policy

Summary: SnortSnarf SELinux Policy

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Chris PeBenito (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-06-27 09:18 UTC by Robert Paskowitz (RETIRED)
Modified:	2004-07-20 15:07 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
SELinux Policy (selinux.snortsnarf.tar.bz2,486 bytes, application/x-tbz) 2004-06-27 09:18 UTC, Robert Paskowitz (RETIRED)	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Paskowitz (RETIRED) gentoo-dev

2004-06-27 09:18:05 UTC

Following this, a SELinux Policy for SnortSnarf will be attached. May be useful as its own package, or possibly merged with the Snort policy.

Comment 1 Robert Paskowitz (RETIRED) gentoo-dev

2004-06-27 09:18:40 UTC

Created attachment 34282 [details]
SELinux Policy

Comment 2 Chris PeBenito (RETIRED) gentoo-dev

2004-07-04 18:37:27 UTC

in the future, please attach the policy files as the individual text files, rather than a tarball

Comment 3 Chris PeBenito (RETIRED) gentoo-dev

2004-07-04 19:24:35 UTC

Hmm, I don't see how this works.  All of the allow sources are non-domains.  For example:

allow snortsnarf_exec_t snort_log_t:dir { search };

This doesn't do anything, since snortsnarf_exec_t is not a domain.  You'd need a snortsnarf_t domain, and a transition to it, at least.  If you'd like to revise your policy, I can look at it further, otherwise I'll close this bug.

Comment 4 Chris PeBenito (RETIRED) gentoo-dev

2004-07-20 15:07:59 UTC

please reopen if you'd like to submit a revised policy.