courier imap port binding
I have upgraded a machine from woody to unstable and now see audit messages
such as the following. It seems that the new version of Courier imapd binds
to arbitary ports for some reason. Does anyone know why this is? Is it
trying to do RPC?
audit(1092657325.591:0): avc: granted { name_bind } for pid=4850
exe=/usr/bin/imapd src=786 scontext=system_u:system_r:courier_pop_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1092657363.683:0): avc: granted { name_bind } for pid=4867
exe=/usr/bin/imapd src=803 scontext=system_u:system_r:courier_pop_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1092657363.798:0): avc: granted { name_bind } for pid=4867
exe=/usr/bin/imapd src=804 scontext=system_u:system_r:courier_pop_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1092657372.867:0): avc: granted { name_bind } for pid=4871
exe=/usr/bin/imapd src=807 scontext=system_u:system_r:courier_pop_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: