On Wed, 2020-11-18 at 15:28 -0700, Jerry Snitselaar wrote: > Hi Debora, > > This came up in a coverity scan, so I thought I'd send a patch > for it. One thing that people should note is that with tcsd now > calling setgid, for systems using selinux there needs to be a > capability added for tcsd to allow setgid. I'm working to get > that into the upstream selinux-policy-contrib project. > > Without this change tcsd will run on an selinux enforcing system, > but the group will still be root. With this change, and without > an updated selinux policy tcsd will exit when the setgid fails > to change the group to tss. > > Regards, > Jerry > >
Thank you, Jerry. Are you suggesting that I go ahead and accept the patch to upstream now? Or wait until the selinux policy is updated? Thanks, Debbie _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
