Uploaded image for project: 'JBoss Web Server'
  1. JBoss Web Server
  2. JWS-724

jws5_tomcat_t domain shouldn't be in unconfined_domain

XMLWordPrintable

    • Documentation (Ref Guide, User Guide, etc.), User Experience
    • The JBoss Web Server 5.0 uses the `jws5_tomcat_t` selinux domain, rather than the unconfined `tomcat_t` domain for improved security.
    • Documented as Resolved Issue
    • Hide

      sesearch -ACS -s jws5_tomcat_t -t shadow_t -c file -p read
      seinfo -tjws5_tomcat_t -x
      check no presence of unconfined_domain_type or any other *unconfined* label

      Show
      sesearch -ACS -s jws5_tomcat_t -t shadow_t -c file -p read seinfo -tjws5_tomcat_t -x check no presence of unconfined_domain_type or any other *unconfined* label

      +++ This bug was initially created as a clone of Bug #1432083 +++

      Description of problem:

      It seems tomcat_t domain is in unconfined_domain, then any process which is having tomcat_t domain can access to any file. Maybe there is a bug in policy file.

      JWS5 domain name is : jws5_tomcat_t

      There shouldn't be any unconfined_domain_type associated with jws5 domain name

            rhn-support-csutherl Coty Sutherland
            rhn-support-csutherl Coty Sutherland
            Jan Onderka Jan Onderka
            Tyler Kelly Tyler Kelly (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: