SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: dynamic context transitions This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Stephen Smalley <sds_at_epoch.ncsc.mil> Date: Tue, 30 Nov 2004 16:00:06 -0500 On Tue, 2004-11-30 at 13:27, Stephen Smalley wrote: > I've committed the dynamic context transition support to our tree > (changes to linux-2.6, libselinux, and policy). It should be available > in the sourceforge CVS tree soon (but the read-only mirrors take time to > sync with the master). The final version of the kernel patch is > attached for reference. We'll look into getting the kernel patch > upstreamed after 2.6.10 is released. Thanks. I extended the setcon() comment in selinux.h, added documentation for setcon() to the getcon.3 man page and added a reference for setcon.3. Description is: <snip> setcon sets the current security context of the process to a new value. Note that use of this function requires that the entire application be trusted to maintain any desired separation between the old and new security contexts, unlike exec-based transitions performed via setexeccon(3). When possible, decompose your applicaiton and use setexeccon() and execve() instead. Since access to file descriptors is revalidated upon use by SELinux, the new context must be explicitly authorized in the policy to use the descriptors opened by the old context if that is desired. Otherwise, attempts by the process to use any existing descriptors (including stdin, stdout, and stderr) after performing the setcon() will fail. A multi-threaded application can perform a setcon() prior to creating any child threads, in which case all of the child threads will inherit the new context. However, setcon() will fail if there are any other threads running in the same process. If the process was being ptraced at the time of the setcon() operation, ptrace permission will be revalidated against the new context and the setcon() will fail if it is not allowed by policy. <snip> -- Stephen Smalley <sds@epoch.ncsc.mil> National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Tue 30 Nov 2004 - 16:04:42 EST This message: [ Message body ] Next message: Stephen Smalley: "Re: libselinux fails to build on mips and mipsel machines, patch included" Previous message: Greg Norris: "Re: Problem with Conference Registration" In reply to: Stephen Smalley: "Re: dynamic context transitions" Next in thread: Stephen Smalley: "Re: dynamic context transitions" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom