Re: Existence of "helper" functions (specifcally MLS)

[Joshua Brindle <method@gentoo.org>]

Stephen Smalley wrote:
> On Mon, 2006-07-24 at 11:48 -0500, Joe Nall wrote:
>   
>>> The relationship between s0 and s1 is not implicit in the names; s0
>>> could dominate s1; that is entirely defined by the policy itself.
>>>       
>> I had totally missed that. I mapped the s[n] to the integers we
>> use on the CMW without any thought that they were arbitrary.
>>     
>
> There is an explicit dominance definition in the policy that establishes
> the relationship.
>
>   
>> We have an application that combines data of multiple levels and has to
>> compute the aggregate classification before saving it to a file or  
>> sharing
>> it with another process. Will there be a function to compute an  
>> aggregate
>> context from a list of contexts?
>>     
>
>   
This sounds like you want to ditch TE altogether and revert to MLS 
entirely. That is, it seems like you have to since there is no such 
thing as an aggregate type. How could we possibly reconcile the user, 
role and type fields in a list of contexts? This seems like an enormous 
step backward and makes the application (whatever it is) incapable of 
using the stronger points of SELinux and from being applied to 
environments outside of the miltary/government realm.

I wonder if the hierarchal namespace for  roles and types could be 
useful here.. that would impose even more limitations on what the 
contexts could look like though but its probably better than simply 
ignoring those parts of the context.

> For that kind of specialized application, I suspect we'd create an
> interface to libsepol for that purpose rather than extending the kernel
> interface.  The other issue for that kind of function is whether the
> label encoding library needs to be brought into play to deal with
> complex relationships among the compartments that only it presently
> knows about (which ideally the kernel would understand too, but that
> isn't presently the case).
>   

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.