Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: [ PATCH ] Cumulative patch - various fixes, untrusted_content_t, mozilla, gnome types
From: Russell Coker <russell_at_coker.com.au>
Date: Sun, 17 Apr 2005 23:46:34 +1000
This is a difficult area that requires a lot of thought and work if we are to have a chance to get it right. Let's leave this until after we get some of the base stuff done.
> 2) Introduce new types for gnome - ROLE_gnome_settings_t, and Mozilla wants read/write access to .gconf as well as processes in ROLE_t, using a mozilla type grants such access. It's an ugly hack and doesn't really work well (think ROLE_games_t and GNOME games).
> Those types are used I think that first we should get a separate domain for gconf. If gconf is to become a trusted object manager as I recall Colin has suggested then it will address some of the issues related to this. You have: create_dir_file(ROLE_t, ROLE_gnome_settings_t) allow ROLE_mozilla_t ROLE_gnome_settings_t:dir { search getattr };
Mozilla will desire read/write access to the .gconf directory and it's files
so the only solution is something like:
This assumes that gconf will do the right things.
> 3) Introduce new type for .fonts.cache-1 - ROLE_font_cache_t. It's my observation that the common practice for font cache files is to often create new files and unlink the old one - thus losing a specific type assigned to it. Maybe we could put SE Linux code into the programs that use this file, but it's ugly.
> 4) Miscellaneous fix: Allow load_policy to read /proc/filesystems, Best to put it in can_loadpol().
> 6) Grant the user the ability to relabel to/from directories of type It's already in macros/base_user_macros.te . -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Sun 17 Apr 2005 - 18:31:58 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |