* (no subject)
@ 2002-08-08 11:28 Samarth Sharma
2002-08-08 13:01 ` your mail Wayne Salamon
2002-08-08 13:48 ` Russell Coker
0 siblings, 2 replies; 3+ messages in thread
From: Samarth Sharma @ 2002-08-08 11:28 UTC (permalink / raw)
To: selinux
hi,
A security aware application like the sshd daemon acts as an
object manager for all its related processes..is this correct?? or
are object managers are a part of the kernel.
if sshd does act as an object manager who enforces the access
decisions for the sshd daemon..
Also if the daemon does act as an object manager does it not
involve incorporating policy logic in the manager therby violating
the primary principle of Flask architecture..
Please clarify
thanks
samarth
__________________________________________________________
Give your Company an email address like
ravi @ ravi-exports.com. Sign up for Rediffmail Pro today!
Know more. http://www.rediffmailpro.com/signup/
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: your mail
2002-08-08 11:28 Samarth Sharma
@ 2002-08-08 13:01 ` Wayne Salamon
2002-08-08 13:48 ` Russell Coker
1 sibling, 0 replies; 3+ messages in thread
From: Wayne Salamon @ 2002-08-08 13:01 UTC (permalink / raw)
To: Samarth Sharma; +Cc: selinux
On 8 Aug 2002, Samarth Sharma wrote:
> hi,
> A security aware application like the sshd daemon acts as an
> object manager for all its related processes..is this correct?? or
> are object managers are a part of the kernel.
> if sshd does act as an object manager who enforces the access
> decisions for the sshd daemon..
> Also if the daemon does act as an object manager does it not
> involve incorporating policy logic in the manager therby violating
> the primary principle of Flask architecture..
All object access by processes will be controlled by the SELinux
module. Security aware applications can make use of extended system calls
provided with SELinux to control security IDs on objects, but only as far
as the policy allows. Therefore, there is no violation, or bypassing, of
the controls provided by the Flask architecture.
The application can control labeling of objects, but not the enforcement
of the policy based on those labels.
--
Wayne Salamon
wsalamon@tislabs.com
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re:
2002-08-08 11:28 Samarth Sharma
2002-08-08 13:01 ` your mail Wayne Salamon
@ 2002-08-08 13:48 ` Russell Coker
1 sibling, 0 replies; 3+ messages in thread
From: Russell Coker @ 2002-08-08 13:48 UTC (permalink / raw)
To: Samarth Sharma, selinux
On Thu, 8 Aug 2002 13:28, Samarth Sharma wrote:
> A security aware application like the sshd daemon acts as an
> object manager for all its related processes..is this correct?? or
> are object managers are a part of the kernel.
The kernel fully manages all accesses granted to all domains.
sshd can determine the initial Identity, Role, and Domain (which together
comprise the context) for the process, but it's choices in this regard are
limited by the SE policy.
In a default configuration sshd can only run processes in sshd_t or user_t
domains and in the user_r or system_r roles. If it runs a process in the
sshd_t domain and the system_r role then that process can do very few things
(basically run other copies of sshd).
The worst that sshd can do in the default configuration is to run a process
as UID=0 in the user_t domain.
> if sshd does act as an object manager who enforces the access
> decisions for the sshd daemon..
The only decisions that sshd can make are what domain to run the child
process in, and they are very limited.
If you want a really locked down system then you have no files stored in type
user_home_t and force the user to run "newrole" before executing any
processes. That would have saved you from most past exploits of sshd and
hopefully from future exploits. But it still wouldn't save you from a
trojaned sshd that monitors your keypresses when you enter the password for
newrole.
--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-08-08 13:48 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-08-08 11:28 Samarth Sharma
2002-08-08 13:01 ` your mail Wayne Salamon
2002-08-08 13:48 ` Russell Coker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.