From: Joshua Brindle <jbrindle@tresys.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Ivan Gyurdiev <ivg2@cornell.edu>,
SELinux-dev@tresys.com, dwalsh@redhat.com, selinux@tycho.nsa.gov
Subject: Re: [ SEMANAGE ] [ SEPOL ] More database work
Date: Tue, 11 Oct 2005 18:51:05 -0400 [thread overview]
Message-ID: <434C41D9.7010206@tresys.com> (raw)
In-Reply-To: <1129058140.3308.213.camel@moss-spartans.epoch.ncsc.mil>
Stephen Smalley wrote:
> On Fri, 2005-10-07 at 16:41 -0400, Joshua Brindle wrote:
>
>>Sure, setting the policy version is probably not useful for most users,
>>it's more of a development/debugging option than anything.
>>
>>What if the user wants to build a policy for the new kernel he just
>>installed? I guess a rebuild/reload after booting the kernel isn't bad,
>>although we don't provide a way to do that without starting a
>>transaction in the store.
>
>
> libsemanage doesn't appear to support just building a policy without
> loading it AFAICS. And load_policy no longer honors the path argument,
> so it will always load a version <= security_policyvers() for the
> current kernel.
>
right.
> Also, I just noticed that:
> 1) semanage_install_active() blindly uses security_policyvers() as the
> version suffix for the running policy path even prior to my changes,
> without considering sh->conf->policyvers at all, and
> 2) semanage_install_sandbox() similarly constructs a running policy path
> based solely on security_policyvers(), but never uses it.
>
Why are we still adding the policy version if we aren't going to support
building different versions anyway.
In the case of multiple kernels with different supported versions this
could be detrimental in the case that, for example, a version 18 policy
is built, the kernel is upgraded, a version 20 policy is built, the
policy is changed, modules/users/whatever added. Then an older kernel is
booted and loads the stale version 18 policy..
I'm not exactly sure how to handle this situation but this scenerio
seems undesirable.
> Patch below fixes this logic to make (1) consistent with the version
> selection in semanage_expand_sandbox (i.e. use security_policyvers() if
> it is in the range supported by the shared libsepol, otherwise use the
> sh->conf->policyvers, which will be sepol_policy_kern_vers_max() by
> default), and drops the dead code from (2). But note that in the case
> where semanage.conf sets the policy version to anything other than the
> default, load_policy won't know about it, and no longer honors the path
> argument, so it won't load that policy. I think I'll change
> selinux_mkload_policy to also check whether security_policyvers() falls
> outside of the libsepol supported range and fall back to
> sepol_policy_kern_vers_max() in that case. But the policy version
> setting in semanage.conf is still useless.
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2005-10-11 22:51 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-06 16:01 [ SEMANAGE ] [ SEPOL ] More database work Ivan Gyurdiev
2005-10-06 16:05 ` Ivan Gyurdiev
2005-10-06 19:27 ` Stephen Smalley
2005-10-07 14:30 ` Stephen Smalley
2005-10-07 15:52 ` Stephen Smalley
2005-10-07 18:30 ` Stephen Smalley
2005-10-07 19:36 ` Joshua Brindle
2005-10-07 19:54 ` Stephen Smalley
2005-10-07 20:15 ` Joshua Brindle
2005-10-07 20:23 ` Stephen Smalley
2005-10-07 20:41 ` Joshua Brindle
2005-10-11 19:15 ` Stephen Smalley
2005-10-11 20:05 ` Stephen Smalley
2005-10-11 20:17 ` Stephen Smalley
2005-10-11 22:45 ` Joshua Brindle
2005-10-11 22:51 ` Joshua Brindle [this message]
2005-10-12 14:58 ` Stephen Smalley
2005-10-12 15:34 ` Joshua Brindle
2005-10-12 15:44 ` Stephen Smalley
2005-10-12 16:19 ` Joshua Brindle
2005-10-12 16:26 ` Stephen Smalley
2005-10-12 18:06 ` Joshua Brindle
2005-10-12 19:52 ` Stephen Smalley
2005-10-12 20:11 ` Stephen Smalley
2005-10-13 16:43 ` Stephen Smalley
2005-10-13 18:43 ` Stephen Smalley
2005-10-13 18:54 ` Stephen Smalley
2005-10-12 20:16 ` Joshua Brindle
2005-10-12 20:43 ` Stephen Smalley
2005-10-07 21:17 ` Stephen Smalley
2005-10-07 22:48 ` Ivan Gyurdiev
2005-10-11 12:32 ` Stephen Smalley
2005-10-11 12:51 ` Stephen Smalley
2005-10-13 19:29 ` Stephen Smalley
2005-10-13 22:35 ` Joshua Brindle
2005-10-14 12:02 ` Stephen Smalley
2005-10-14 13:33 ` Joshua Brindle
2005-10-14 13:49 ` Stephen Smalley
2005-10-07 19:37 ` Stephen Smalley
2005-10-07 15:52 ` Ivan Gyurdiev
2005-10-07 16:01 ` Stephen Smalley
2005-10-07 16:05 ` Stephen Smalley
2005-10-07 16:46 ` Ivan Gyurdiev
2005-10-07 17:04 ` Stephen Smalley
2005-10-07 16:06 ` Joshua Brindle
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=434C41D9.7010206@tresys.com \
--to=jbrindle@tresys.com \
--cc=SELinux-dev@tresys.com \
--cc=dwalsh@redhat.com \
--cc=ivg2@cornell.edu \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.