Re: named SELinux policy

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ivan Gyurdiev <ivg2@cornell.edu>
To: Daniel J Walsh <dwalsh@redhat.com>
Cc: jvdias@redhat.com, SE Linux <selinux@tycho.nsa.gov>
Subject: Re: named SELinux policy
Date: Mon, 06 Mar 2006 13:12:24 -0500	[thread overview]
Message-ID: <440C7B88.7090800@cornell.edu> (raw)
In-Reply-To: <440C73BA.4050503@redhat.com>

> File context that differs from parent directory is especially hard to 
> maintain and can give the impression that SELinux is difficult.  We 
> can not predict which tools a user will use to maintain the named.conf 
> file so leaving it etc_t is better in my opinion.  If you want to 
> prevent secret data then you should not store a file in /etc with 
> default context (etc_t, etc_runtime_t).  (You probably should not 
> store the file there in the  first place.)
I see this as one of the fundamental problems of SELinux to solve before 
it becomes mainstream...

Should automatic type transitions be treated as a hack, placed there 
until the app starts using setfscreatecon? Should they instead be 
treated as the way to do things, with applications being modified to 
better organize their files into folders, and the folders pre-created as 
appropriate.

Automated transitions have already proved difficult when mixing files of 
different types in the same folder, and also with shared libraries 
creating files.

It seems like the app has much more knowledge about the file than the 
kernel's (src_context, target_class) pair. However, should we be 
incorporating selinux contexts into applications [ as is already done in 
consolehelper ]? How reliable are those context? The rwx of chmod() are 
pretty much set in stone. Policy changes all the time. Is it better to 
keep selinux logic out of applications instead?

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

next prev parent reply	other threads:[~2006-03-06 18:12 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <200603061121.49118.jvdias@redhat.com>
2006-03-06 17:39 ` named SELinux policy Daniel J Walsh
2006-03-06 18:12   ` Ivan Gyurdiev [this message]
2006-03-06 22:03   ` Erich Schubert

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=440C7B88.7090800@cornell.edu \
    --to=ivg2@cornell.edu \
    --cc=dwalsh@redhat.com \
    --cc=jvdias@redhat.com \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.