On Mon, 23 Feb 2004 17:02, Joseph Pingenot <trelane@digitasaru.net> wrote:
> Sounds like a good idea.  One question:
> Could you also record a signature of the data?  This would help distinguish
>        processes who aren't supposed to be letting users on the system
>        (since they'd not have a valid signature).  That'd potentially
>        be able to plug a standard usage of rooted systems: leave open a
>        port to the outside world to log in from.

That wouldn't work.

If a regular user shell process running as user_u:user_r:user_t can access the network then it can also launch other shells. There is no way of stopping this.

How do you distinguish a copy of bash launched as a shell for an interactive session from an interpreter for a shell script?

How do you distinguish programs such as "script" from a wrapper for a UDP based terminal system?

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.