|Main Archive Page > Month Archives > selinux archives|
That is correct, we are not executing anything that would set up a user context. Nothing in our code or our policy would change the context. In RHEL4, root and any other users have a security context type of unconfined_t so we would it expect it to be the same on RHEL5 but they are init_t. Perhaps, something changed with RHEL5 release that I need to research.
From: Stephen Smalley [mailto:firstname.lastname@example.org] Sent: Tuesday, January 19, 2010 1:27 PM
To: Tomas, Gregg A (IS)
Subject: RE: Security Context Type Changes
On Tue, 2010-01-19 at 15:15 -0600, Tomas, Gregg A (IS) wrote:
> I apologize for my lack promptness, I have been in and out of the
> office. We are in the middle of transitioning from RHEL4 to RHEL5 so
> some of the links maybe off. Anyhow, here is our run_xstart.bash
So why would you expect that to transition out of init_t? Unless you've specifically labeled /usr/bin/fvwm with an entrypoint type and defined a type transition on it, you'll just continue in init_t.
You aren't executing anything that would set up a user context, e.g. gdm or friends. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to email@example.com with the words "unsubscribe selinux" without quotes as the message.