SELinux Mailing List

Re: rawhide targeted vs. refpolicy rpm

From: Stephen Smalley <sds_at_tycho.nsa.gov>
Date: Wed, 16 Nov 2005 09:14:43 -0500


On Wed, 2005-11-16 at 09:08 -0500, Ivan Gyurdiev wrote:
> >> One thing I am still not clear about is why we need a labeling prefix
> >> that's not related to a role.. how is targeted using the system role,
> >> and labeling things with the user prefix? Isn't the whole point of the
> >> labeling prefix to prevent that type of thing (cross-role communication).
> >>
> >
> > Targeted policy has no notion of user roles/domains. There is
> > effectively only one SELinux user identity and role in targeted policy;
> > the others are purely for compatibility with strict policy in file
> > contexts and application configuration files. Targeted policy only uses
> > TE domains to confine particular processes.
> >
> So why don't we label files in targeted as system_home_t, which seems
> more correct and work around this issue. The only change that seems
> necessary to me is to move the defrole functions from sepol and into
> semanage, since they don't do anything in sepol, and are misleading -
> that would be additive divergence on the semanage side. If the user
> wants to query sepol, and write records into semanage, he/she would have
> to set the default role in addition to the other data.

Targeted policy and strict policy share many of the same macro definitions, .te files, and .fc files, and we also want to allow easy conversion from targeted to strict, which means we want a high degree of on-disk xattr compatibility. Using a different set of types on /home in targeted would not be helpful there, although one might be able to work around the issue via type aliases.

Even in semanage, defrole is potentially misleading, as the actual default role is context-dependent, e.g. root can be set up to log in as staff_r by default for ssh logins (so that acquiring sysadm_r access requires a further step via newrole or su) while logging in as sysadm_r by default for console logins.

-- 
Stephen Smalley
National Security Agency


Received on Wed 16 Nov 2005 - 09:15:16 EST
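
Added example (not part of the original message, and not SELinux project code): a simplified model of why a single stored default role is misleading, using an ordered default_contexts-style table in which the candidate order depends on the login program. The table contents, the user-to-role mapping and the function names are constructed for illustration; real libselinux additionally checks which contexts are reachable under the loaded policy.

```python
# Constructed sample in the format of an SELinux default_contexts file:
# "<login process role:type>  <candidate user role:type> ..." in preference order.
DEFAULT_CONTEXTS = """\
# constructed example, not taken from any shipped policy
system_r:sshd_t         staff_r:staff_t sysadm_r:sysadm_t user_r:user_t
system_r:local_login_t  sysadm_r:sysadm_t staff_r:staff_t user_r:user_t
"""

# Assumed role authorizations per SELinux user (hypothetical values).
USER_ROLES = {
    "root": {"staff_r", "sysadm_r"},
    "user_u": {"user_r"},
}


def parse_default_contexts(text):
    """Map each login-process context to its ordered candidate list."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fromcon, *candidates = line.split()
        table[fromcon] = candidates
    return table


def default_role(seuser, fromcon, table=None, user_roles=USER_ROLES):
    """Return the first candidate role the user is authorized for, or None."""
    if table is None:
        table = parse_default_contexts(DEFAULT_CONTEXTS)
    allowed = user_roles.get(seuser, set())
    for candidate in table.get(fromcon, []):
        role = candidate.split(":", 1)[0]
        if role in allowed:
            return role
    return None


if __name__ == "__main__":
    # Same user, different login program, different default role.
    for proc in ("system_r:sshd_t", "system_r:local_login_t"):
        print(proc, "->", default_role("root", proc))
```
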
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

 

National Security Agency / Central Security Service