Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 55336

Summary: SnortSnarf SELinux Policy
Product: Gentoo Linux Reporter: Robert Paskowitz (RETIRED) <r2d2>
Component: HardenedAssignee: Chris PeBenito (RETIRED) <pebenito>
Status: RESOLVED INVALID    
Severity: enhancement    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: SELinux Policy

Description Robert Paskowitz (RETIRED) gentoo-dev 2004-06-27 09:18:05 UTC
Following this, a SELinux Policy for SnortSnarf will be attached. May be useful as its own package, or possibly merged with the Snort policy.
Comment 1 Robert Paskowitz (RETIRED) gentoo-dev 2004-06-27 09:18:40 UTC
Created attachment 34282 [details]
SELinux Policy
Comment 2 Chris PeBenito (RETIRED) gentoo-dev 2004-07-04 18:37:27 UTC
in the future, please attach the policy files as the individual text files, rather than a tarball
Comment 3 Chris PeBenito (RETIRED) gentoo-dev 2004-07-04 19:24:35 UTC
Hmm, I don't see how this works.  All of the allow sources are non-domains.  For example:

allow snortsnarf_exec_t snort_log_t:dir { search };

This doesn't do anything, since snortsnarf_exec_t is not a domain.  You'd need a snortsnarf_t domain, and a transition to it, at least.  If you'd like to revise your policy, I can look at it further, otherwise I'll close this bug.
Comment 4 Chris PeBenito (RETIRED) gentoo-dev 2004-07-20 15:07:59 UTC
please reopen if you'd like to submit a revised policy.