From: Daniel J Walsh <dwalsh@redhat.com>
To: russell@coker.com.au
Cc: Stephen Smalley <sds@epoch.ncsc.mil>,
Jim Carter <jwcart2@epoch.ncsc.mil>,
SE Linux <selinux@tycho.nsa.gov>
Subject: Re: ssh policy
Date: Mon, 13 Sep 2004 08:47:09 -0400 [thread overview]
Message-ID: <414596CD.4000502@redhat.com> (raw)
In-Reply-To: <200409111913.11677.russell@coker.com.au>
Russell Coker wrote:
>On Sat, 11 Sep 2004 01:08, Stephen Smalley <sds@epoch.ncsc.mil> wrote:
>
>
>>>-r_dir_file(updfstab_t, { selinux_config_t file_context_t
>>>default_context_t } ) can_getsecurity(updfstab_t)
>>>+dontaudit updfstab_t selinux_config_t:dir search;
>>>
>>>
>>I don't think that this is correct; updfstab appears to be looking up a
>>context via matchpathcon for preserving the context on /etc/fstab, so it
>>needs access to the file contexts file as in our policy.
>>
>>
>
>Why do we want to have updfstab do that? Adding such functionality to
>updfstab means more work for it to do, more time taken to complete, etc.
>
>Just having updfstab create the new file as /etc/fstab.new (or similar) makes
>it get the right context automatically with much less effort.
>
>We don't want to change every program that creates a file to preserve the SE
>Linux context! That would take significant development work and create
>significant issues if the SE Linux interfaces ever change.
>
>The source to fstab-sync refers to the idea of creating a new fstab file
>in /tmp if /etc is mounted read-only (with /etc/fstab being a sym-link to
>somewhere else). If this is implemented as described in the comments then an
>inopportune power failure or system crash could potentially truncate the
>fstab file and make the system non-bootable. I think we should give up on
>the idea of having fstab-sync do anything special in regard to SE Linux.
>
>Dan, what do you think?
>
>
>
That sounds good to me. I will look into who made the change and see if
we remedy this.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2004-09-13 12:47 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-09-08 18:28 ssh policy Russell Coker
2004-09-09 20:33 ` James Carter
2004-09-10 14:50 ` Daniel J Walsh
2004-09-10 15:08 ` Stephen Smalley
2004-09-10 15:24 ` Daniel J Walsh
2004-09-10 18:09 ` Luke Kenneth Casson Leighton
2004-09-11 9:13 ` Russell Coker
2004-09-13 12:47 ` Daniel J Walsh [this message]
2004-09-13 14:31 ` Daniel J Walsh
2004-09-13 20:18 ` James Carter
-- strict thread matches above, loose matches on Subject: below --
2003-12-05 1:18 Nick
2003-12-05 2:07 ` ssh policy Russell Coker
[not found] ` <1070651210.27071.290.camel@hawaii.efficax.net>
2003-12-06 6:22 ` Russell Coker
2002-10-23 18:52 Russell Coker
2002-10-23 19:20 ` Stephen Smalley
2002-07-31 16:53 Russell Coker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=414596CD.4000502@redhat.com \
--to=dwalsh@redhat.com \
--cc=jwcart2@epoch.ncsc.mil \
--cc=russell@coker.com.au \
--cc=sds@epoch.ncsc.mil \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.