From: Joshua Brindle <jbrindle@tresys.com>
To: Daniel J Walsh <dwalsh@redhat.com>
Cc: Chad Sellers <csellers@tresys.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Eric Paris <eparis@redhat.com>,
Karl MacMillan <kmacmillan@mentalrootkit.com>,
selinux@tycho.nsa.gov
Subject: Re: concept of a permissive domain
Date: Fri, 12 Oct 2007 13:49:08 -0400 [thread overview]
Message-ID: <470FB394.8000106@tresys.com> (raw)
In-Reply-To: <470F7BC0.4030003@redhat.com>
Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I would like to get this moving again.
>
> I believe we came to a conclusion that the permissive domain should be
> specified in userspace/policy. So the next question is who can make the
> change and what is the syntax?
>
> I see we can do this in two ways.
>
> One we add a new access to the Process Class called Permissive;
> Which would cause the kernel to put this domain in the permissive
> domain. I am sure Steven dislikes this suggestion. :^)
>
Thats a really bad idea, it means that any process that had ~ or * in
the process class now becomes permissive. It also makes the hooks a
complete mess as they now have to check for this permission in addition
to the real requested perm.
>
> The second solution is to add a new command to audit, dontaudit,
> auditallow, nerverallow
>
> So if we add permissiveallow or just permissive.
>
> What does the syntax look like?
>
> permissive httpd_t;
>
> permissive httpd_t self:process *;
>
> In order to implement this, we need to modify libsepol,
> checkmodule/checkpolicy?
>
I don't like this one either. I'd rather do what we were thinking about
with selinuxfs where we have /selinux/types/foo_domain_t have a bitmap
of properties, one of them being permissive.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2007-10-12 17:49 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-11 19:13 concept of a permissive domain Eric Paris
2007-09-11 20:31 ` Daniel J Walsh
2007-09-11 21:26 ` Karl MacMillan
2007-09-11 21:47 ` Eric Paris
2007-09-12 13:27 ` Karl MacMillan
2007-09-12 13:57 ` Daniel J Walsh
2007-09-13 14:08 ` Stephen Smalley
2007-09-13 14:46 ` Karl MacMillan
2007-09-13 14:57 ` Stephen Smalley
2007-09-13 15:25 ` Karl MacMillan
2007-09-13 19:25 ` Daniel J Walsh
2007-09-13 19:38 ` Stephen Smalley
2007-09-13 20:16 ` Eric Paris
2007-09-18 20:24 ` Stephen Smalley
2007-09-18 20:50 ` Joshua Brindle
2007-09-18 21:54 ` Chad Sellers
2007-09-19 12:56 ` Daniel J Walsh
2007-09-19 14:22 ` Chad Sellers
2007-10-12 13:50 ` Daniel J Walsh
2007-10-12 17:49 ` Joshua Brindle [this message]
2007-10-12 18:07 ` Eric Paris
2007-10-12 19:03 ` Karl MacMillan
2007-10-12 19:09 ` Stephen Smalley
2007-10-12 18:40 ` Chad Sellers
2007-10-12 19:05 ` Karl MacMillan
2007-10-12 20:43 ` Chad Sellers
2007-10-12 21:01 ` Stephen Smalley
2007-10-12 21:21 ` Karl MacMillan
2007-10-12 23:38 ` Chad Sellers
2007-10-13 13:38 ` Daniel J Walsh
2007-10-14 10:14 ` Stefan Schulze Frielinghaus
2007-10-15 12:40 ` Daniel J Walsh
2007-10-15 16:52 ` Brett Lentz
2007-10-15 16:58 ` Stephen Smalley
2007-10-15 18:32 ` Daniel J Walsh
2007-10-15 18:40 ` Stephen Smalley
2007-10-15 18:57 ` Karl MacMillan
2007-10-15 19:09 ` Eric Paris
2007-10-17 19:47 ` Stephen Smalley
2007-10-17 21:50 ` Recurring SELinux events for similar violations Hasan Rezaul-CHR010
2007-10-17 22:18 ` Eric Paris
2007-10-17 22:22 ` Hasan Rezaul-CHR010
2007-10-18 13:13 ` Stephen Smalley
2007-10-18 14:32 ` Hasan Rezaul-CHR010
2007-11-29 20:06 ` Hasan Rezaul-CHR010
2007-11-29 20:16 ` Stephen Smalley
2007-11-29 21:26 ` Hasan Rezaul-CHR010
2007-11-29 21:32 ` Stephen Smalley
2007-11-29 21:45 ` Stephen Smalley
2007-10-15 17:26 ` concept of a permissive domain Chad Sellers
2007-10-12 19:07 ` Stephen Smalley
2007-10-12 19:30 ` Stephen Smalley
2007-09-19 16:35 ` Martin Orr
2007-09-19 16:41 ` Eric Paris
2007-09-20 14:41 ` Joshua Brindle
2007-09-20 14:46 ` Joshua Brindle
2007-09-19 16:52 ` Stephen Smalley
2007-09-24 14:59 ` Karl MacMillan
2007-09-13 20:25 ` Karl MacMillan
2007-09-14 14:15 ` James Carter
2007-09-14 14:45 ` Joshua Brindle
2007-09-14 15:15 ` Karl MacMillan
2007-09-11 22:57 ` Joshua Brindle
2007-09-12 13:26 ` Karl MacMillan
2007-09-13 13:11 ` Stephen Smalley
2007-09-13 13:19 ` Karl MacMillan
2007-09-13 13:25 ` Stephen Smalley
2007-09-13 13:59 ` Eric Paris
2007-09-13 14:23 ` Stephen Smalley
2007-09-13 14:36 ` Stephen Smalley
2007-09-13 14:42 ` Karl MacMillan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=470FB394.8000106@tresys.com \
--to=jbrindle@tresys.com \
--cc=csellers@tresys.com \
--cc=dwalsh@redhat.com \
--cc=eparis@redhat.com \
--cc=kmacmillan@mentalrootkit.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.