JohnS wrote:
> On Tue, 2010-05-25 at 21:27 -0400, Whit Blauvelt wrote:
>
>> But if someone can tell me why selinux thinks it's sane to block
>> "/etc/init.d/smb start" while leaving "sh /etc/init.d/smb start" and even
>> /some/random/dir/smb start" wide open ... I just can't believe some happy
>> hacker at NSA thought that would count as a security scheme. Really, I'd
>> like to know how this is supposed to be useful.
> ----
> It had good reason to because you did inhereitly edit it as shown by the
> previous rpm -V. I say you will have more SEL problems if you do not do
> a full relabel on boot. You really need selinux for samba to prevent
> buffer overflows. That is how it is usefull.
So smbd's context is _supposed_ to be inherited from the init script instead of
being inherent to the program itself? And the init script has to be executed
directly instead of given to a shell for this to work? Is this documented?
--
Les Mikesell
lesmikes...@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
