Summary: | SnortSnarf SELinux Policy | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Robert Paskowitz (RETIRED) <r2d2> |
Component: | Hardened | Assignee: | Chris PeBenito (RETIRED) <pebenito> |
Status: | RESOLVED INVALID | ||
Severity: | enhancement | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | SELinux Policy |
Description
Robert Paskowitz (RETIRED)
2004-06-27 09:18:05 UTC
Created attachment 34282 [details]
SELinux Policy
in the future, please attach the policy files as the individual text files, rather than a tarball Hmm, I don't see how this works. All of the allow sources are non-domains. For example: allow snortsnarf_exec_t snort_log_t:dir { search }; This doesn't do anything, since snortsnarf_exec_t is not a domain. You'd need a snortsnarf_t domain, and a transition to it, at least. If you'd like to revise your policy, I can look at it further, otherwise I'll close this bug. please reopen if you'd like to submit a revised policy. |