Bug 984830
Summary: | atd directly executes sendmail | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Milos Malik <mmalik> |
Component: | at | Assignee: | Marcela Mašláňová <mmaslano> |
Status: | CLOSED WONTFIX | QA Contact: | qe-baseos-daemons |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 5.10 | CC: | mgrepl, mmalik |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-16 08:12:56 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Milos Malik
2013-07-16 07:01:07 UTC
Yes, the problem is with execl(ATD_MAIL_PROGRAM, ATD_MAIL_NAME, mailname, (char *) NULL); where setexeccon is not set for the default policy behavior and it runs with setexeccon(user_context) This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. Could you explain me why no-one noticed such essential fault in behaviour before? I don't think such bugs or components will be approved so late in RHEL-5 time frame. I would close it. Maybe there is a lack of customers/users who use atd and strict policy at the same time. The problem does not exist on machines running targeted policy. In that case wontfix. I won't believe at will be approved component so late in support cycle. Although it may be good to add this test case in regression tests and verify if it doesn't fail on RHEL-6 and higher releases. |