Re: [Dailydave] R. RHEL, RHCS, and Selinux : hype, reality or dream?

[Marco Ermini <marco.ermini () gmail com>]

2009/9/9 yersinia:
> So it seems that it is not necessary to be a clever hacker as spender to
> disable SELinux on a system (http://grsecurity.net/~spender/exploit.txt).
> Just follow the directions of the vendor. This one require to disable
> selinux for the proper function of one of its HA products, after years that
> the same vendor was critical with commercial product, o badly compiled open
> source for SELINUX execmem o textreloc issue,  because they require the
> same.
[...]

It is just necessary to install an updated SELinux policy to make the
RH Cluster work with SELinux.

https://bugzilla.redhat.com/attachment.cgi?id=348662

I guess the fault is mainly in the vendor documentation...


Cheers
-- 
Marco Ermini
root@human # mount -t life -o ro /dev/dna /genetic/research
http://www.linkedin.com/in/marcoermini
"Jesus saves... but Buddha makes incremental back-ups!"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/