From: Diyab <diyab@diyab.net>
To: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: "Kratzer, James R." <JamesK@xetron.com>,
"'SELinux@tycho.nsa.gov'" <SELinux@tycho.nsa.gov>
Subject: Re: glibc check errors
Date: Tue, 30 Sep 2003 21:04:16 -0400 [thread overview]
Message-ID: <3F7A2810.1060907@diyab.net> (raw)
In-Reply-To: <1064945244.6364.39.camel@moss-spartans.epoch.ncsc.mil>
Stephen Smalley wrote:
> On Tue, 2003-09-30 at 13:30, Kratzer, James R. wrote:
>
>>I am running the new 2.4 based SELinux kernel and userland archive on Red
>>Hat 9. If I understand you correctly, since the glibc changes have been
>>upstreamed and were not SELinux specific, you will be releasing soon a new
>>userland archive which will require an updated version of the glibc package.
>>If this is correct, how soon do you anticipate the release of the new
>>userland archive and the release of the new glibc package ( glibc-2.3.3
>>maybe? )? Can I use the current userland archive utilities without the
>>patched glibc?
>
>
> You don't need the modified glibc to use the userland archive
> utilities. The glibc patch was to make glibc recognize security
> transitions other than just setuid/setgid, so that it will enable its
> secure mode for programs that cause a change in other security
> attributes (e.g. role/domain) as well as for setuid/setgid programs.
> That is important for security, but not a functional requirement for
> using the system. The modification to glibc has made its way upstream
> and I believe that it is available in the RedHat beta (severn / fedora
> core).
>
> We'll be making an updated release of the kernel and userland archives
> soon, likely later this week.
>
So is this new glibc version available as the mainstream glibc package
or will non redhat users still have to apply the patch. And if is or
will be soon available as mainstream glibc do you know what version?
Timothy,
--
I put instant coffee in a microwave and almost went back in time.
-- Steven Wright
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2003-10-01 1:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-30 17:30 glibc check errors Kratzer, James R.
2003-09-30 18:07 ` Stephen Smalley
2003-10-01 1:04 ` Diyab [this message]
2003-10-01 14:16 ` Stephen Smalley
-- strict thread matches above, loose matches on Subject: below --
2003-09-30 15:34 Kratzer, James R.
2003-09-30 16:26 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F7A2810.1060907@diyab.net \
--to=diyab@diyab.net \
--cc=JamesK@xetron.com \
--cc=SELinux@tycho.nsa.gov \
--cc=sds@epoch.ncsc.mil \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.