I have enhanced the package to incorporate the following additional security measures: 1. Do not run as user nobody (duplicate of #253882, but it was never actually applied to devel, so I enhanced it slightly). 2. Provide selinux policies for memcached. You can find all of the modified/new files here: http://icon.fedorapeople.org/f/memcached/ I'd like to see this in the official package.
Maybe silly questions, but : - Why have the selinux stuff in a separate package? - Why include the selinux stuff here instead of asking to have it included in the default system policy? Just curious :-)
I just reviewed the SELinux build policy at http://fedoraproject.org/wiki/PackagingDrafts/SELinux/PolicyModules and this looks to be the correct implementation. I've applied this patch and it goes into memcached-1.2.4-2 regards
memcached-1.2.4-2.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update memcached'
memcached-1.2.4-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
memcached-1.2.4-2.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update memcached'