Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: cups, /dev/fd: msg#00086
|
Subject: |
Re: cups, /dev/fd |
On Thu, 2004-09-16 at 21:22, Tom London wrote:
> Running strict/enforcing, latest from Dan's tree.
>
> Printing (say, from openoffice) yields:
>
> Sep 16 18:01:39 fedora kernel: audit(1095382899.718:0): avc: denied {
> read } for pid=10941 exe=/usr/bin/perl name=fd dev=tmpfs ino=2794
> scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:device_t
> tclass=lnk_file
> Sep 16 18:01:39 fedora kernel: audit(1095382899.718:0): avc: denied {
> read } for pid=10941 exe=/usr/bin/perl name=fd dev=tmpfs ino=2794
> scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:device_t
> tclass=lnk_file
>
> inode 2794 is /dev/fd.
>
> Make sense to add?
> dontaudit cupsd_t device_t:lnk_file { read };
I'd allow it. /dev/fd is just a symlink to /proc/self/fd, and that
should be permitted.
--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency
|
| |
