Selinux option -- huh?
Closed, Resolved, Public

Description

Release: 1.4.0

Environment

Fedora Core 3, all patches applied

Description

Configured with SELinux option enabled. No secret keys can be exported. This affects testing of gpgme. Is this really the "Right Thing To Do" in relation to SELinux being turned on? What's the goal? Why the tradeoff? Are there any docs to explain what/why/how this is good?

Fix

Unknown

Event Timeline

Not a bug. Please take a discussion to gnupg-devel@gnupg.org

The whole point with the selinux option is to make it impossible to get access to the secret stuff unless the process has been flagged with appropriate permissions. Allowing to export the secret keys or to encrypt, armor, whatever the secring.gpg would allow to gain access very easily.

Russell Coker once asked me to add such an option and it took way too long for me to add it.