Bug 284561 - Security enhancements for memcached
Summary: Security enhancements for memcached
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: memcached
Version: 7
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Paul Lindner
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-09-10 13:33 UTC by Konstantin Ryabitsev
Modified: 2008-01-03 01:48 UTC (History)
2 users (show)

Fixed In Version: 1.2.4-2.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-01-03 01:34:20 UTC
Type: ---


Attachments (Terms of Use)

Description Konstantin Ryabitsev 2007-09-10 13:33:51 UTC
I have enhanced the package to incorporate the following additional security
measures:

1. Do not run as user nobody (duplicate of #253882, but it was never actually
applied to devel, so I enhanced it slightly).
2. Provide selinux policies for memcached.

You can find all of the modified/new files here:

http://icon.fedorapeople.org/f/memcached/

I'd like to see this in the official package.

Comment 1 Matthias Saou 2007-09-12 11:40:15 UTC
Maybe silly questions, but :
- Why have the selinux stuff in a separate package?
- Why include the selinux stuff here instead of asking to have it included
  in the default system policy?

Just curious :-)

Comment 2 Paul Lindner 2007-12-22 13:14:32 UTC
I just reviewed the SELinux build policy at 

http://fedoraproject.org/wiki/PackagingDrafts/SELinux/PolicyModules

and this looks to be the correct implementation.

I've applied this patch and it goes into memcached-1.2.4-2

regards


Comment 3 Fedora Update System 2007-12-28 17:19:56 UTC
memcached-1.2.4-2.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update memcached'

Comment 4 Fedora Update System 2008-01-03 01:34:17 UTC
memcached-1.2.4-2.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 5 Fedora Update System 2008-01-03 01:48:46 UTC
memcached-1.2.4-2.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update memcached'


Note You need to log in before you can comment on or make changes to this bug.