* [refpolicy] services_procmail.patch
@ 2008-10-14 19:53 Daniel J Walsh
2008-10-14 22:56 ` Paul Howarth
2008-11-18 20:04 ` Christopher J. PeBenito
0 siblings, 2 replies; 9+ messages in thread
From: Daniel J Walsh @ 2008-10-14 19:53 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_procmail.patch
Label logs files properly
interfaces to manage procmail tmp files
Send signals to pyzor and sendmail
domtrans to spamassassin and spamc
Dont audit read of /root
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkj0+K8ACgkQrlYvE4MpobMokQCghxQGZBsDW6fhY9N2arzYRHO9
iHQAoOdU1JrwMncK+mVl5VpBT4tYdzB6
=VLCi
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
2008-10-14 19:53 Daniel J Walsh
@ 2008-10-14 22:56 ` Paul Howarth
2008-11-18 20:04 ` Christopher J. PeBenito
1 sibling, 0 replies; 9+ messages in thread
From: Paul Howarth @ 2008-10-14 22:56 UTC (permalink / raw)
To: refpolicy
On Tue, 14 Oct 2008 15:53:19 -0400
Daniel J Walsh <dwalsh@redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_procmail.patch
>
> Label logs files properly
>
> interfaces to manage procmail tmp files
>
> Send signals to pyzor and sendmail
>
> domtrans to spamassassin and spamc
spamassassin_domtrans_spamc interface needs posting yet I believe.
Paul.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
2008-10-14 19:53 Daniel J Walsh
2008-10-14 22:56 ` Paul Howarth
@ 2008-11-18 20:04 ` Christopher J. PeBenito
1 sibling, 0 replies; 9+ messages in thread
From: Christopher J. PeBenito @ 2008-11-18 20:04 UTC (permalink / raw)
To: refpolicy
On Tue, 2008-10-14 at 15:53 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_procmail.patch
>
> Label logs files properly
>
> interfaces to manage procmail tmp files
>
> Send signals to pyzor and sendmail
>
> domtrans to spamassassin and spamc
>
>
> Dont audit read of /root
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
@ 2009-03-05 16:54 Daniel J Walsh
2009-05-14 15:14 ` Christopher J. PeBenito
0 siblings, 1 reply; 9+ messages in thread
From: Daniel J Walsh @ 2009-03-05 16:54 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_procmail.patch
procmail seems to get redirected to random log files
Reads mta queue
Is started by nagios in spool directory.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmwA8MACgkQrlYvE4MpobNBNgCfaiqW6sFd6jz5HMQSjeJ3HEMr
YfcAoLla1dMZTrMaYSJyVHz8uWh4b771
=b1/7
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
2009-03-05 16:54 [refpolicy] services_procmail.patch Daniel J Walsh
@ 2009-05-14 15:14 ` Christopher J. PeBenito
0 siblings, 0 replies; 9+ messages in thread
From: Christopher J. PeBenito @ 2009-05-14 15:14 UTC (permalink / raw)
To: refpolicy
On Thu, 2009-03-05 at 12:54 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_procmail.patch
>
>
> procmail seems to get redirected to random log files
>
> Reads mta queue
These two seem highly questionable to me. Appending to random logs is
going to need to be narrowed. Why would it be reading the outgoing
queue? Its an app for processing incoming mail.
> Is started by nagios in spool directory.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
@ 2009-06-09 1:00 Daniel J Walsh
0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2009-06-09 1:00 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_procmail.patch
Small fixes for procmail, but added allow to append to any log.
Many apps seem to redirect procmail to their log files.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
@ 2009-11-12 21:53 Daniel J Walsh
0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2009-11-12 21:53 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_procmail.patch
needs fsetid
Appends to log files
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
@ 2010-02-23 20:43 Daniel J Walsh
0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2010-02-23 20:43 UTC (permalink / raw)
To: refpolicy
http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_procmail.patch
procmail needs dac_override
Appends to log files.
Read mail que
Search nagios (Probably nagios sending mail)
Dontaudit sendmail leaks.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [refpolicy] services_procmail.patch
@ 2010-08-26 22:10 Daniel J Walsh
0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:10 UTC (permalink / raw)
To: refpolicy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://people.fedoraproject.org/~dwalsh/SELinux/F14/services_procmail.patch
Add procmail_home_t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx25lMACgkQrlYvE4MpobNwvgCgqlQdtd7LqhbO+WSD8CbwxW1N
tIYAoLhTjAumMojLW72iXt+UUAaCZeDR
=aeLg
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2010-08-26 22:10 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-03-05 16:54 [refpolicy] services_procmail.patch Daniel J Walsh
2009-05-14 15:14 ` Christopher J. PeBenito
-- strict thread matches above, loose matches on Subject: below --
2010-08-26 22:10 Daniel J Walsh
2010-02-23 20:43 Daniel J Walsh
2009-11-12 21:53 Daniel J Walsh
2009-06-09 1:00 Daniel J Walsh
2008-10-14 19:53 Daniel J Walsh
2008-10-14 22:56 ` Paul Howarth
2008-11-18 20:04 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.