Re: identity

[Joseph Pingenot <trelane@digitasaru.net>]

>From Russell Coker on Monday, 23 February, 2004:
>On Mon, 23 Feb 2004 17:02, Joseph Pingenot <trelane@digitasaru.net> wrote:
>> Sounds like a good idea.  One question:
>> Could you also record a signature of the data?  This would help distinguish
>>        processes who aren't supposed to be letting users on the system
>>        (since they'd not have a valid signature).  That'd potentially
>>        be able to plug a standard usage of rooted systems: leave open a
>>        port to the outside world to log in from.
>That wouldn't work.
>If a regular user shell process running as user_u:user_r:user_t can access the 
>network then it can also launch other shells.  There is no way of stopping 
>this.
>How do you distinguish a copy of bash launched as a shell for an interactive 
>session from an interpreter for a shell script?
>How do you distinguish programs such as "script" from a wrapper for a UDP 
>based terminal system?

Heh.  That's what I get for posting after just a moment's thought, right
  before I hit the hay.  :)
Excellent points.  I had originally been thinking that the info would
  be inherited by children (as would be logical), but it'd not actually
  prevent any such thing.  Dang.
Hmm.  Thinking about it again, maybe one could add a 'tainted' flag to
  a process that gets set when it listens to a socket?  Servers would
  be accompanied by a signature that verifies the integrity of the binary
  and are then not tainted on socket opening *if* they match?
Eh.  It seems like a good thing to eventually work towards.  :)

-Joseph

-- 
Joseph===============================================trelane@digitasaru.net
      Graduate Student in Physics, Freelance Free Software Developer

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.