SELinux denying access to clamd and pyzor

mdtiberi · Unread post by **mdtiberi** » Thu Jun 12, 2008 3:53 pm

I am getting a number of messages saying that both clamd and pyzor are being denied read access by SELinux.

Is this interfering with the operation of these programs? Should I disable SELinux for these apps?

Thanks much.

--------------------------------------------------------------
CentOS 5
Plesk 8.4.0

From SELinux -l yadayada:

avc: denied { getattr } for comm="pyzor" dev=md2 egid=103 euid=10017
exe="/usr/bin/python" exit=0 fsgid=103 fsuid=10017 gid=0 items=0
path="/var/spool/qscan/.pyzor/servers" pid=14457
scontext=user_u:system_r:pyzor_t:s0 sgid=103 subj=user_u:system_r:pyzor_t:s0
suid=10017 tclass=file tcontext=user_u:object_r:var_spool_t:s0 tty=(none)
uid=10017

Unread post by **scott** » Thu Jun 12, 2008 6:27 pm

I turn SELinux off by default in the ASL kernels. In my professional opinion, its Cargo Cult Security

Besides, ASL has a powerful least privilege RBAC thats more secure and powerful that selinux, so really selinux is like grsecurity lite.

mdtiberi · Unread post by **mdtiberi** » Thu Jun 12, 2008 6:49 pm

scott wrote:I turn SELinux off by default in the ASL kernels. In my professional opinion, its Cargo Cult Security

Thanks Scott, I ended up turning it off since for some reason I had it set to permissive mode - no point then.