diff for duplicates of <49D965CA.4030908@ak.jp.nec.com>
diff --git a/a/1.txt b/N1/1.txt
index b116268..ecd6cd8 100644
--- a/a/1.txt
+++ b/N1/1.txt
@@ -44,3 +44,10 @@ Thanks,
 -- 
 OSS Platform Development Division, NEC
 KaiGai Kohei <kaigai@ak.jp.nec.com>
+-------------- next part --------------
+A non-text attachment was scrubbed...
+Name: refpolicy-sepgsql-rework.3.patch
+Type: text/x-patch
+Size: 14309 bytes
+Desc: not available
+Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20090406/e8464137/attachment.bin
diff --git a/a/2.hdr b/a/2.hdr
deleted file mode 100644
index 33e1912..0000000
--- a/a/2.hdr
+++ /dev/null
@@ -1,5 +0,0 @@
-Content-Type: text/x-patch;
- name="refpolicy-sepgsql-rework.3.patch"
-Content-Transfer-Encoding: 7bit
-Content-Disposition: inline;
- filename="refpolicy-sepgsql-rework.3.patch"
diff --git a/a/2.txt b/a/2.txt
deleted file mode 100644
index 8eea08c..0000000
--- a/a/2.txt
+++ /dev/null
@@ -1,360 +0,0 @@ -Index: policy/flask/access_vectors -=================================================================== ---- policy/flask/access_vectors (revision 2942) -+++ policy/flask/access_vectors (working copy) -@@ -723,14 +723,14 @@ - access - install_module - load_module -- get_param -- set_param -+ get_param # not currently in use -+ set_param # not currently in use - } - - class db_table - inherits database - { -- use -+ use # not currently in use - select - update - insert -@@ -749,7 +749,7 @@ - class db_column - inherits database - { -- use -+ use # not currently in use - select - update - insert -@@ -759,7 +759,7 @@ - { - relabelfrom - relabelto -- use -+ use # not currently in use - select - update - insert -Index: policy/mcs -=================================================================== ---- policy/mcs (revision 2942) -+++ policy/mcs (working copy) -@@ -111,22 +111,22 @@ - (( h1 dom h2 ) and ( l2 eq h2 )); - - # Access control for any database objects based on MCS rules. 
--mlsconstrain db_database { drop setattr relabelfrom access install_module load_module get_param set_param } -+mlsconstrain db_database { drop getattr setattr relabelfrom access install_module load_module get_param set_param } - ( h1 dom h2 ); - --mlsconstrain db_table { drop setattr relabelfrom select update insert delete use } -+mlsconstrain db_table { drop getattr setattr relabelfrom select update insert delete use lock } - ( h1 dom h2 ); - --mlsconstrain db_column { drop setattr relabelfrom select update insert use } -+mlsconstrain db_column { drop getattr setattr relabelfrom select update insert use } - ( h1 dom h2 ); - - mlsconstrain db_tuple { relabelfrom select update delete use } - ( h1 dom h2 ); - --mlsconstrain db_procedure { execute install } -+mlsconstrain db_procedure { drop getattr setattr execute install } - ( h1 dom h2 ); - --mlsconstrain db_blob { drop setattr relabelfrom read write } -+mlsconstrain db_blob { drop getattr setattr relabelfrom read write import export } - ( h1 dom h2 ); - - ') dnl end enable_mcs -Index: policy/modules/services/postgresql.if -=================================================================== ---- policy/modules/services/postgresql.if (revision 2942) -+++ policy/modules/services/postgresql.if (working copy) -@@ -17,57 +17,11 @@ - # - interface(`postgresql_role',` - gen_require(` -- class db_database all_db_database_perms; -- class db_table all_db_table_perms; -- class db_procedure all_db_procedure_perms; -- class db_column all_db_column_perms; -- class db_tuple all_db_tuple_perms; -- class db_blob all_db_blob_perms; -- -- attribute sepgsql_client_type, sepgsql_database_type; -- attribute sepgsql_sysobj_table_type; -- -- type sepgsql_trusted_proc_exec_t, sepgsql_trusted_proc_t; -- type user_sepgsql_blob_t, user_sepgsql_proc_exec_t; -- type user_sepgsql_sysobj_t, user_sepgsql_table_t; -+ type sepgsql_trusted_proc_t; - ') - -- ######################################## -- # -- # Declarations -- # -- -- typeattribute $2 
sepgsql_client_type; -+ postgresql_unpriv_client($2) - role $1 types sepgsql_trusted_proc_t; -- -- ############################## -- # -- # Client local policy -- # -- -- tunable_policy(`sepgsql_enable_users_ddl',` -- allow $2 user_sepgsql_table_t:db_table { create drop }; -- type_transition $2 sepgsql_database_type:db_table user_sepgsql_table_t; -- -- allow $2 user_sepgsql_table_t:db_column { create drop }; -- -- allow $2 user_sepgsql_sysobj_t:db_tuple { update insert delete }; -- type_transition $2 sepgsql_sysobj_table_type:db_tuple user_sepgsql_sysobj_t; -- ') -- -- allow $2 user_sepgsql_table_t:db_table { getattr setattr use select update insert delete }; -- allow $2 user_sepgsql_table_t:db_column { getattr setattr use select update insert }; -- allow $2 user_sepgsql_table_t:db_tuple { use select update insert delete }; -- allow $2 user_sepgsql_sysobj_t:db_tuple { use select }; -- -- allow $2 user_sepgsql_proc_exec_t:db_procedure { create drop getattr setattr execute }; -- type_transition $2 sepgsql_database_type:db_procedure user_sepgsql_proc_exec_t; -- -- allow $2 user_sepgsql_blob_t:db_blob { create drop getattr setattr read write }; -- type_transition $2 sepgsql_database_type:db_blob user_sepgsql_blob_t; -- -- allow $2 sepgsql_trusted_proc_t:process transition; -- type_transition $2 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t; - ') - - ######################################## -@@ -313,22 +267,62 @@ - # - interface(`postgresql_unpriv_client',` - gen_require(` -+ class db_database all_db_database_perms; - class db_table all_db_table_perms; - class db_procedure all_db_procedure_perms; -+ class db_column all_db_column_perms; -+ class db_tuple all_db_tuple_perms; - class db_blob all_db_blob_perms; - - attribute sepgsql_client_type; -+ attribute sepgsql_database_type; -+ attribute sepgsql_sysobj_table_type; - -- type sepgsql_db_t, sepgsql_table_t, sepgsql_proc_t, sepgsql_blob_t; -- type sepgsql_trusted_proc_t, sepgsql_trusted_proc_exec_t; -- ') -+ 
type user_sepgsql_table_t; -+ type user_sepgsql_sysobj_t; -+ type user_sepgsql_proc_exec_t; -+ type user_sepgsql_blob_t; - -+ type sepgsql_trusted_proc_t; -+ type sepgsql_trusted_proc_exec_t; -+ ') -+ ######################################## -+ # -+ # Declarations -+ # - typeattribute $1 sepgsql_client_type; - -- type_transition $1 sepgsql_db_t:db_table sepgsql_table_t; -- type_transition $1 sepgsql_db_t:db_procedure sepgsql_proc_t; -- type_transition $1 sepgsql_db_t:db_blob sepgsql_blob_t; -+ ############################## -+ # -+ # Client local policy -+ # -+ type_transition $1 sepgsql_database_type:db_table user_sepgsql_table_t; -+ allow $1 user_sepgsql_table_t:db_table { getattr use select update insert delete lock }; -+ allow $1 user_sepgsql_table_t:db_column { getattr use select update insert }; -+ allow $1 user_sepgsql_table_t:db_tuple { use select update insert delete }; - -+ type_transition $1 sepgsql_sysobj_table_type:db_tuple user_sepgsql_sysobj_t; -+ allow $1 user_sepgsql_sysobj_t:db_tuple { use select }; -+ -+ type_transition $1 sepgsql_database_type:db_procedure user_sepgsql_proc_exec_t; -+ allow $1 user_sepgsql_proc_exec_t:db_procedure { getattr execute }; -+ -+ tunable_policy(`sepgsql_enable_users_ddl',` -+ allow $1 user_sepgsql_table_t:db_table { create drop setattr }; -+ allow $1 user_sepgsql_table_t:db_column { create drop setattr }; -+ -+ allow $1 user_sepgsql_sysobj_t:db_tuple { insert update delete }; -+ -+ allow $1 user_sepgsql_proc_exec_t:db_procedure { create drop setattr }; -+ ') -+ -+ type_transition $1 sepgsql_database_type:db_blob user_sepgsql_blob_t; -+ allow $1 user_sepgsql_blob_t:db_blob { create drop getattr setattr read write import export }; -+ -+ ############################## -+ # -+ # Trusted procedure -+ # - type_transition $1 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t; - allow $1 sepgsql_trusted_proc_t:process transition; - ') -Index: policy/modules/services/postgresql.te 
-=================================================================== ---- policy/modules/services/postgresql.te (revision 2942) -+++ policy/modules/services/postgresql.te (working copy) -@@ -66,8 +66,9 @@ - type sepgsql_fixed_table_t; - postgresql_table_object(sepgsql_fixed_table_t) - --type sepgsql_proc_t; --postgresql_procedure_object(sepgsql_proc_t) -+type sepgsql_proc_exec_t; -+typealias sepgsql_proc_exec_t alias { sepgsql_proc_t }; -+postgresql_procedure_object(sepgsql_proc_exec_t) - - type sepgsql_ro_blob_t; - postgresql_blob_object(sepgsql_ro_blob_t) -@@ -143,7 +144,7 @@ - type_transition postgresql_t sepgsql_database_type:db_table sepgsql_sysobj_t; - - allow postgresql_t sepgsql_procedure_type:db_procedure *; --type_transition postgresql_t sepgsql_database_type:db_procedure sepgsql_proc_t; -+type_transition postgresql_t sepgsql_database_type:db_procedure sepgsql_proc_exec_t; - - allow postgresql_t sepgsql_blob_type:db_blob *; - type_transition postgresql_t sepgsql_database_type:db_blob sepgsql_blob_t; -@@ -284,27 +285,27 @@ - allow sepgsql_client_type sepgsql_db_t:db_database { getattr access get_param set_param }; - type_transition sepgsql_client_type sepgsql_client_type:db_database sepgsql_db_t; - --allow sepgsql_client_type sepgsql_fixed_table_t:db_table { getattr use select insert }; -+allow sepgsql_client_type sepgsql_fixed_table_t:db_table { getattr use select insert lock }; - allow sepgsql_client_type sepgsql_fixed_table_t:db_column { getattr use select insert }; - allow sepgsql_client_type sepgsql_fixed_table_t:db_tuple { use select insert }; - --allow sepgsql_client_type sepgsql_table_t:db_table { getattr use select update insert delete }; -+allow sepgsql_client_type sepgsql_table_t:db_table { getattr use select update insert delete lock }; - allow sepgsql_client_type sepgsql_table_t:db_column { getattr use select update insert }; - allow sepgsql_client_type sepgsql_table_t:db_tuple { use select update insert delete }; - --allow sepgsql_client_type 
sepgsql_ro_table_t:db_table { getattr use select }; -+allow sepgsql_client_type sepgsql_ro_table_t:db_table { getattr use select lock }; - allow sepgsql_client_type sepgsql_ro_table_t:db_column { getattr use select }; - allow sepgsql_client_type sepgsql_ro_table_t:db_tuple { use select }; - - allow sepgsql_client_type sepgsql_secret_table_t:db_table getattr; - allow sepgsql_client_type sepgsql_secret_table_t:db_column getattr; - --allow sepgsql_client_type sepgsql_sysobj_t:db_table { getattr use select }; -+allow sepgsql_client_type sepgsql_sysobj_t:db_table { getattr use select lock }; - allow sepgsql_client_type sepgsql_sysobj_t:db_column { getattr use select }; - allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { use select }; - --allow sepgsql_client_type sepgsql_proc_t:db_procedure { getattr execute install }; --allow sepgsql_client_type sepgsql_trusted_proc_t:db_procedure { getattr execute entrypoint }; -+allow sepgsql_client_type sepgsql_proc_exec_t:db_procedure { getattr execute install }; -+allow sepgsql_client_type sepgsql_trusted_proc_exec_t:db_procedure { getattr execute entrypoint }; - - allow sepgsql_client_type sepgsql_blob_t:db_blob { create drop getattr setattr read write }; - allow sepgsql_client_type sepgsql_ro_blob_t:db_blob { getattr read }; -@@ -323,12 +324,6 @@ - # Therefore, the following rule is applied for any domains which can connect SE-PostgreSQL. 
- dontaudit { postgresql_t sepgsql_client_type sepgsql_unconfined_type } { sepgsql_table_type -sepgsql_sysobj_table_type }:db_tuple { use select update insert delete }; - --tunable_policy(`sepgsql_enable_users_ddl',` -- allow sepgsql_client_type sepgsql_table_t:db_table { create drop setattr }; -- allow sepgsql_client_type sepgsql_table_t:db_column { create drop setattr }; -- allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { update insert delete }; --') -- - ######################################## - # - # Unconfined access to this module -@@ -338,15 +333,16 @@ - type_transition sepgsql_unconfined_type sepgsql_unconfined_type:db_database sepgsql_db_t; - - type_transition sepgsql_unconfined_type sepgsql_database_type:db_table sepgsql_table_t; --type_transition sepgsql_unconfined_type sepgsql_database_type:db_procedure sepgsql_proc_t; -+type_transition sepgsql_unconfined_type sepgsql_database_type:db_procedure sepgsql_proc_exec_t; - type_transition sepgsql_unconfined_type sepgsql_database_type:db_blob sepgsql_blob_t; - - allow sepgsql_unconfined_type sepgsql_table_type:{ db_table db_column db_tuple } *; - - # unconfined domain is not allowed to invoke user defined procedure directly. - # They have to confirm and relabel it at first. 
--allow sepgsql_unconfined_type { sepgsql_proc_t sepgsql_trusted_proc_t }:db_procedure *; --allow sepgsql_unconfined_type sepgsql_procedure_type:db_procedure { create drop getattr setattr relabelfrom relabelto }; -+allow sepgsql_unconfined_type sepgsql_proc_exec_t:db_procedure *; -+allow sepgsql_unconfined_type sepgsql_trusted_proc_exec_t:db_procedure ~{ install }; -+allow sepgsql_unconfined_type sepgsql_procedure_type:db_procedure ~{ execute install }; - - allow sepgsql_unconfined_type sepgsql_blob_type:db_blob *; - -Index: policy/mls -=================================================================== ---- policy/mls (revision 2942) -+++ policy/mls (working copy) -@@ -709,19 +709,25 @@ - ( t1 == mlsdbread ) or - ( t2 == mlstrustedobject )); - --mlsconstrain { db_table db_column } { getattr use select } -+mlsconstrain { db_table } { getattr use select lock } - (( l1 dom l2 ) or - (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or - ( t1 == mlsdbread ) or - ( t2 == mlstrustedobject )); - -+mlsconstrain { db_column } { getattr use select } -+ (( l1 dom l2 ) or -+ (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or -+ ( t1 == mlsdbread ) or -+ ( t2 == mlstrustedobject )); -+ - mlsconstrain { db_procedure } { getattr execute install } - (( l1 dom l2 ) or - (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or - ( t1 == mlsdbread ) or - ( t2 == mlstrustedobject )); - --mlsconstrain { db_blob } { getattr read } -+mlsconstrain { db_blob } { getattr read export } - (( l1 dom l2 ) or - (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or - ( t1 == mlsdbread ) or -@@ -741,7 +747,7 @@ - ( t1 == mlsdbwrite ) or - ( t2 == mlstrustedobject )); - --mlsconstrain { db_table } { create drop setattr relabelfrom update insert delete lock } -+mlsconstrain { db_table } { create drop setattr relabelfrom update insert delete } - (( l1 eq l2 ) or - (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or - (( t2 == mlsdbwriteinrange ) and ( l1 dom l2 ) and ( h1 domby h2 )) or -@@ -755,13 
+761,20 @@ - ( t1 == mlsdbwrite ) or - ( t2 == mlstrustedobject )); - --mlsconstrain { db_blob } { create drop setattr relabelfrom write import export } -+mlsconstrain { db_procedure } { create drop setattr relabelfrom } - (( l1 eq l2 ) or - (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or - (( t2 == mlsdbwriteinrange ) and ( l1 dom l2 ) and ( h1 domby h2 )) or - ( t1 == mlsdbwrite ) or - ( t2 == mlstrustedobject )); - -+mlsconstrain { db_blob } { create drop setattr relabelfrom write import } -+ (( l1 eq l2 ) or -+ (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or -+ (( t2 == mlsdbwriteinrange ) and ( l1 dom l2 ) and ( h1 domby h2 )) or -+ ( t1 == mlsdbwrite ) or -+ ( t2 == mlstrustedobject )); -+ - mlsconstrain { db_tuple } { relabelfrom update insert delete } - (( l1 eq l2 ) or - (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or diff --git a/a/content_digest b/N1/content_digest index de57e42..ac387b1 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -3,14 +3,11 @@ "ref\049D4CB6E.1090900@manicmethod.com\0" "ref\01238684951.32379.311.camel@gorn.columbia.tresys.com\0" "ref\049D563A9.1000607@ak.jp.nec.com\0" - "From\0KaiGai Kohei <kaigai@ak.jp.nec.com>\0" - "Subject\0Re: [refpolicy] [RFC] Security policy reworks for SE-PostgreSQL\0" + "From\0kaigai@ak.jp.nec.com (KaiGai Kohei)\0" + "Subject\0[refpolicy] [RFC] Security policy reworks for SE-PostgreSQL\0" "Date\0Mon, 06 Apr 2009 11:15:38 +0900\0" - "To\0Christopher J. PeBenito <cpebenito@tresys.com>\0" - "Cc\0refpolicy@oss.tresys.com" - selinux@tycho.nsa.gov - " Joshua Brindle <method@manicmethod.com>\0" - "\01:1\0" + "To\0refpolicy@oss.tresys.com\0" + "\00:1\0" "b\0" "The attached patch provides some of reworks and bugfuxes\n" "except for new object classes and permissions.\n" 
@@ -57,369 +54,13 @@ "Thanks,\n" "-- \n" "OSS Platform Development Division, NEC\n" - KaiGai Kohei <kaigai@ak.jp.nec.com> - "\01:2\0" - "fn\0refpolicy-sepgsql-rework.3.patch\0" - "b\0" - "Index: policy/flask/access_vectors\n" - "===================================================================\n" - "--- policy/flask/access_vectors\t(revision 2942)\n" - "+++ policy/flask/access_vectors\t(working copy)\n" - "@@ -723,14 +723,14 @@\n" - " \taccess\n" - " \tinstall_module\n" - " \tload_module\n" - "-\tget_param\n" - "-\tset_param\n" - "+\tget_param\t# not currently in use\n" - "+\tset_param\t# not currently in use\n" - " }\n" - " \n" - " class db_table\n" - " inherits database\n" - " {\n" - "-\tuse\n" - "+\tuse\t\t# not currently in use\n" - " \tselect\n" - " \tupdate\n" - " \tinsert\n" - "@@ -749,7 +749,7 @@\n" - " class db_column\n" - " inherits database\n" - " {\n" - "-\tuse\n" - "+\tuse\t\t# not currently in use\n" - " \tselect\n" - " \tupdate\n" - " \tinsert\n" - "@@ -759,7 +759,7 @@\n" - " {\n" - " \trelabelfrom\n" - " \trelabelto\n" - "-\tuse\n" - "+\tuse\t\t# not currently in use\n" - " \tselect\n" - " \tupdate\n" - " \tinsert\n" - "Index: policy/mcs\n" - "===================================================================\n" - "--- policy/mcs\t(revision 2942)\n" - "+++ policy/mcs\t(working copy)\n" - "@@ -111,22 +111,22 @@\n" - " \t(( h1 dom h2 ) and ( l2 eq h2 ));\n" - " \n" - " # Access control for any database objects based on MCS rules.\n" - "-mlsconstrain db_database { drop setattr relabelfrom access install_module load_module get_param set_param }\n" - "+mlsconstrain db_database { drop getattr setattr relabelfrom access install_module load_module get_param set_param }\n" - " \t( h1 dom h2 );\n" - " \n" - "-mlsconstrain db_table { drop setattr relabelfrom select update insert delete use }\n" - "+mlsconstrain db_table { drop getattr setattr relabelfrom select update insert delete use lock }\n" - " \t( h1 dom h2 );\n" - " \n" - "-mlsconstrain db_column { 
drop setattr relabelfrom select update insert use }\n" - "+mlsconstrain db_column { drop getattr setattr relabelfrom select update insert use }\n" - " \t( h1 dom h2 );\n" - " \n" - " mlsconstrain db_tuple { relabelfrom select update delete use }\n" - " \t( h1 dom h2 );\n" - " \n" - "-mlsconstrain db_procedure { execute install }\n" - "+mlsconstrain db_procedure { drop getattr setattr execute install }\n" - " \t( h1 dom h2 );\n" - " \n" - "-mlsconstrain db_blob { drop setattr relabelfrom read write }\n" - "+mlsconstrain db_blob { drop getattr setattr relabelfrom read write import export }\n" - " \t( h1 dom h2 );\n" - " \n" - " ') dnl end enable_mcs\n" - "Index: policy/modules/services/postgresql.if\n" - "===================================================================\n" - "--- policy/modules/services/postgresql.if\t(revision 2942)\n" - "+++ policy/modules/services/postgresql.if\t(working copy)\n" - "@@ -17,57 +17,11 @@\n" - " #\n" - " interface(`postgresql_role',`\n" - " \tgen_require(`\n" - "-\t\tclass db_database all_db_database_perms;\n" - "-\t\tclass db_table all_db_table_perms;\n" - "-\t\tclass db_procedure all_db_procedure_perms;\n" - "-\t\tclass db_column all_db_column_perms;\n" - "-\t\tclass db_tuple all_db_tuple_perms;\n" - "-\t\tclass db_blob all_db_blob_perms;\n" - "-\n" - "-\t\tattribute sepgsql_client_type, sepgsql_database_type;\n" - "-\t\tattribute sepgsql_sysobj_table_type;\n" - "-\n" - "-\t\ttype sepgsql_trusted_proc_exec_t, sepgsql_trusted_proc_t;\n" - "-\t\ttype user_sepgsql_blob_t, user_sepgsql_proc_exec_t;\n" - "-\t\ttype user_sepgsql_sysobj_t, user_sepgsql_table_t;\n" - "+\t\ttype sepgsql_trusted_proc_t;\n" - " \t')\n" - " \n" - "-\t########################################\n" - "-\t#\n" - "-\t# Declarations\n" - "-\t#\n" - "-\n" - "-\ttypeattribute $2 sepgsql_client_type;\n" - "+\tpostgresql_unpriv_client($2)\n" - " \trole $1 types sepgsql_trusted_proc_t;\n" - "-\n" - "-\t##############################\n" - "-\t#\n" - "-\t# Client local 
policy\n" - "-\t#\n" - "-\n" - "-\ttunable_policy(`sepgsql_enable_users_ddl',`\n" - "-\t\tallow $2 user_sepgsql_table_t:db_table { create drop };\n" - "-\t\ttype_transition $2 sepgsql_database_type:db_table user_sepgsql_table_t;\n" - "-\n" - "-\t\tallow $2 user_sepgsql_table_t:db_column { create drop };\n" - "-\n" - "-\t\tallow $2 user_sepgsql_sysobj_t:db_tuple { update insert delete };\n" - "-\t\ttype_transition $2 sepgsql_sysobj_table_type:db_tuple user_sepgsql_sysobj_t;\n" - "-\t')\n" - "-\n" - "-\tallow $2 user_sepgsql_table_t:db_table { getattr setattr use select update insert delete };\n" - "-\tallow $2 user_sepgsql_table_t:db_column { getattr setattr use select update insert };\n" - "-\tallow $2 user_sepgsql_table_t:db_tuple\t{ use select update insert delete };\n" - "-\tallow $2 user_sepgsql_sysobj_t:db_tuple\t{ use select };\n" - "-\n" - "-\tallow $2 user_sepgsql_proc_exec_t:db_procedure { create drop getattr setattr execute };\n" - "-\ttype_transition $2 sepgsql_database_type:db_procedure user_sepgsql_proc_exec_t;\n" - "-\n" - "-\tallow $2 user_sepgsql_blob_t:db_blob { create drop getattr setattr read write };\n" - "-\ttype_transition $2 sepgsql_database_type:db_blob user_sepgsql_blob_t;\n" - "-\n" - "-\tallow $2 sepgsql_trusted_proc_t:process transition;\n" - "-\ttype_transition $2 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t;\n" - " ')\n" - " \n" - " ########################################\n" - "@@ -313,22 +267,62 @@\n" - " #\n" - " interface(`postgresql_unpriv_client',`\n" - " \tgen_require(`\n" - "+\t\tclass db_database all_db_database_perms;\n" - " \t\tclass db_table all_db_table_perms;\n" - " \t\tclass db_procedure all_db_procedure_perms;\n" - "+\t\tclass db_column all_db_column_perms;\n" - "+\t\tclass db_tuple all_db_tuple_perms;\n" - " \t\tclass db_blob all_db_blob_perms;\n" - " \n" - " \t\tattribute sepgsql_client_type;\n" - "+\t\tattribute sepgsql_database_type;\n" - "+\t\tattribute sepgsql_sysobj_table_type;\n" - " \n" - 
"-\t\ttype sepgsql_db_t, sepgsql_table_t, sepgsql_proc_t, sepgsql_blob_t;\n" - "-\t\ttype sepgsql_trusted_proc_t, sepgsql_trusted_proc_exec_t;\n" - "-\t')\n" - "+\t\ttype user_sepgsql_table_t;\n" - "+\t\ttype user_sepgsql_sysobj_t;\n" - "+\t\ttype user_sepgsql_proc_exec_t;\n" - "+\t\ttype user_sepgsql_blob_t;\n" - " \n" - "+\t\ttype sepgsql_trusted_proc_t;\n" - "+\t\ttype sepgsql_trusted_proc_exec_t;\n" - "+\t')\n" - "+\t########################################\n" - "+\t#\n" - "+\t# Declarations\n" - "+\t#\n" - " \ttypeattribute $1 sepgsql_client_type;\n" - " \n" - "-\ttype_transition $1 sepgsql_db_t:db_table sepgsql_table_t;\n" - "-\ttype_transition $1 sepgsql_db_t:db_procedure sepgsql_proc_t;\n" - "-\ttype_transition $1 sepgsql_db_t:db_blob sepgsql_blob_t;\n" - "+\t##############################\n" - "+\t#\n" - "+\t# Client local policy\n" - "+\t#\n" - "+\ttype_transition $1 sepgsql_database_type:db_table user_sepgsql_table_t;\n" - "+\tallow $1 user_sepgsql_table_t:db_table { getattr use select update insert delete lock };\n" - "+\tallow $1 user_sepgsql_table_t:db_column { getattr use select update insert };\n" - "+\tallow $1 user_sepgsql_table_t:db_tuple { use select update insert delete };\n" - " \n" - "+\ttype_transition $1 sepgsql_sysobj_table_type:db_tuple user_sepgsql_sysobj_t;\n" - "+\tallow $1 user_sepgsql_sysobj_t:db_tuple { use select };\n" - "+\n" - "+\ttype_transition $1 sepgsql_database_type:db_procedure user_sepgsql_proc_exec_t;\n" - "+\tallow $1 user_sepgsql_proc_exec_t:db_procedure { getattr execute };\n" - "+\n" - "+\ttunable_policy(`sepgsql_enable_users_ddl',`\n" - "+\t\tallow $1 user_sepgsql_table_t:db_table { create drop setattr };\n" - "+\t\tallow $1 user_sepgsql_table_t:db_column { create drop setattr };\n" - "+\n" - "+\t\tallow $1 user_sepgsql_sysobj_t:db_tuple { insert update delete };\n" - "+\n" - "+\t\tallow $1 user_sepgsql_proc_exec_t:db_procedure { create drop setattr };\n" - "+\t')\n" - "+\n" - "+\ttype_transition $1 
sepgsql_database_type:db_blob user_sepgsql_blob_t;\n" - "+\tallow $1 user_sepgsql_blob_t:db_blob { create drop getattr setattr read write import export };\n" - "+\n" - "+\t##############################\n" - "+\t#\n" - "+\t# Trusted procedure\n" - "+\t#\n" - " \ttype_transition $1 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t;\n" - " \tallow $1 sepgsql_trusted_proc_t:process transition;\n" - " ')\n" - "Index: policy/modules/services/postgresql.te\n" - "===================================================================\n" - "--- policy/modules/services/postgresql.te\t(revision 2942)\n" - "+++ policy/modules/services/postgresql.te\t(working copy)\n" - "@@ -66,8 +66,9 @@\n" - " type sepgsql_fixed_table_t;\n" - " postgresql_table_object(sepgsql_fixed_table_t)\n" - " \n" - "-type sepgsql_proc_t;\n" - "-postgresql_procedure_object(sepgsql_proc_t)\n" - "+type sepgsql_proc_exec_t;\n" - "+typealias sepgsql_proc_exec_t alias { sepgsql_proc_t };\n" - "+postgresql_procedure_object(sepgsql_proc_exec_t)\n" - " \n" - " type sepgsql_ro_blob_t;\n" - " postgresql_blob_object(sepgsql_ro_blob_t)\n" - "@@ -143,7 +144,7 @@\n" - " type_transition postgresql_t sepgsql_database_type:db_table sepgsql_sysobj_t;\n" - " \n" - " allow postgresql_t sepgsql_procedure_type:db_procedure *;\n" - "-type_transition postgresql_t sepgsql_database_type:db_procedure sepgsql_proc_t;\n" - "+type_transition postgresql_t sepgsql_database_type:db_procedure sepgsql_proc_exec_t;\n" - " \n" - " allow postgresql_t sepgsql_blob_type:db_blob *;\n" - " type_transition postgresql_t sepgsql_database_type:db_blob sepgsql_blob_t;\n" - "@@ -284,27 +285,27 @@\n" - " allow sepgsql_client_type sepgsql_db_t:db_database { getattr access get_param set_param };\n" - " type_transition sepgsql_client_type sepgsql_client_type:db_database sepgsql_db_t;\n" - " \n" - "-allow sepgsql_client_type sepgsql_fixed_table_t:db_table { getattr use select insert };\n" - "+allow sepgsql_client_type sepgsql_fixed_table_t:db_table { 
getattr use select insert lock };\n" - " allow sepgsql_client_type sepgsql_fixed_table_t:db_column { getattr use select insert };\n" - " allow sepgsql_client_type sepgsql_fixed_table_t:db_tuple { use select insert };\n" - " \n" - "-allow sepgsql_client_type sepgsql_table_t:db_table { getattr use select update insert delete };\n" - "+allow sepgsql_client_type sepgsql_table_t:db_table { getattr use select update insert delete lock };\n" - " allow sepgsql_client_type sepgsql_table_t:db_column { getattr use select update insert };\n" - " allow sepgsql_client_type sepgsql_table_t:db_tuple { use select update insert delete };\n" - " \n" - "-allow sepgsql_client_type sepgsql_ro_table_t:db_table { getattr use select };\n" - "+allow sepgsql_client_type sepgsql_ro_table_t:db_table { getattr use select lock };\n" - " allow sepgsql_client_type sepgsql_ro_table_t:db_column { getattr use select };\n" - " allow sepgsql_client_type sepgsql_ro_table_t:db_tuple { use select };\n" - " \n" - " allow sepgsql_client_type sepgsql_secret_table_t:db_table getattr;\n" - " allow sepgsql_client_type sepgsql_secret_table_t:db_column getattr;\n" - " \n" - "-allow sepgsql_client_type sepgsql_sysobj_t:db_table { getattr use select };\n" - "+allow sepgsql_client_type sepgsql_sysobj_t:db_table { getattr use select lock };\n" - " allow sepgsql_client_type sepgsql_sysobj_t:db_column { getattr use select };\n" - " allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { use select };\n" - " \n" - "-allow sepgsql_client_type sepgsql_proc_t:db_procedure { getattr execute install };\n" - "-allow sepgsql_client_type sepgsql_trusted_proc_t:db_procedure { getattr execute entrypoint };\n" - "+allow sepgsql_client_type sepgsql_proc_exec_t:db_procedure { getattr execute install };\n" - "+allow sepgsql_client_type sepgsql_trusted_proc_exec_t:db_procedure { getattr execute entrypoint };\n" - " \n" - " allow sepgsql_client_type sepgsql_blob_t:db_blob { create drop getattr setattr read write };\n" - " allow 
sepgsql_client_type sepgsql_ro_blob_t:db_blob { getattr read };\n" - "@@ -323,12 +324,6 @@\n" - " # Therefore, the following rule is applied for any domains which can connect SE-PostgreSQL.\n" - " dontaudit { postgresql_t sepgsql_client_type sepgsql_unconfined_type } { sepgsql_table_type -sepgsql_sysobj_table_type }:db_tuple { use select update insert delete };\n" - " \n" - "-tunable_policy(`sepgsql_enable_users_ddl',`\n" - "-\tallow sepgsql_client_type sepgsql_table_t:db_table { create drop setattr };\n" - "-\tallow sepgsql_client_type sepgsql_table_t:db_column { create drop setattr };\n" - "-\tallow sepgsql_client_type sepgsql_sysobj_t:db_tuple { update insert delete };\n" - "-')\n" - "-\n" - " ########################################\n" - " #\n" - " # Unconfined access to this module\n" - "@@ -338,15 +333,16 @@\n" - " type_transition sepgsql_unconfined_type sepgsql_unconfined_type:db_database sepgsql_db_t;\n" - " \n" - " type_transition sepgsql_unconfined_type sepgsql_database_type:db_table sepgsql_table_t;\n" - "-type_transition sepgsql_unconfined_type sepgsql_database_type:db_procedure sepgsql_proc_t;\n" - "+type_transition sepgsql_unconfined_type sepgsql_database_type:db_procedure sepgsql_proc_exec_t;\n" - " type_transition sepgsql_unconfined_type sepgsql_database_type:db_blob sepgsql_blob_t;\n" - " \n" - " allow sepgsql_unconfined_type sepgsql_table_type:{ db_table db_column db_tuple } *;\n" - " \n" - " # unconfined domain is not allowed to invoke user defined procedure directly.\n" - " # They have to confirm and relabel it at first.\n" - "-allow sepgsql_unconfined_type { sepgsql_proc_t sepgsql_trusted_proc_t }:db_procedure *;\n" - "-allow sepgsql_unconfined_type sepgsql_procedure_type:db_procedure { create drop getattr setattr relabelfrom relabelto };\n" - "+allow sepgsql_unconfined_type sepgsql_proc_exec_t:db_procedure *;\n" - "+allow sepgsql_unconfined_type sepgsql_trusted_proc_exec_t:db_procedure ~{ install };\n" - "+allow sepgsql_unconfined_type 
sepgsql_procedure_type:db_procedure ~{ execute install };\n" - " \n" - " allow sepgsql_unconfined_type sepgsql_blob_type:db_blob *;\n" - " \n" - "Index: policy/mls\n" - "===================================================================\n" - "--- policy/mls\t(revision 2942)\n" - "+++ policy/mls\t(working copy)\n" - "@@ -709,19 +709,25 @@\n" - " \t ( t1 == mlsdbread ) or\n" - " \t ( t2 == mlstrustedobject ));\n" - " \n" - "-mlsconstrain { db_table db_column } { getattr use select }\n" - "+mlsconstrain { db_table } { getattr use select lock }\n" - " \t(( l1 dom l2 ) or\n" - " \t (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or\n" - " \t ( t1 == mlsdbread ) or\n" - " \t ( t2 == mlstrustedobject ));\n" - " \n" - "+mlsconstrain { db_column } { getattr use select }\n" - "+\t(( l1 dom l2 ) or\n" - "+\t (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or\n" - "+\t ( t1 == mlsdbread ) or\n" - "+\t ( t2 == mlstrustedobject ));\n" - "+\n" - " mlsconstrain { db_procedure } { getattr execute install }\n" - " \t(( l1 dom l2 ) or\n" - " \t (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or\n" - " \t ( t1 == mlsdbread ) or\n" - " \t ( t2 == mlstrustedobject ));\n" - " \n" - "-mlsconstrain { db_blob } { getattr read }\n" - "+mlsconstrain { db_blob } { getattr read export }\n" - " \t(( l1 dom l2 ) or\n" - " \t (( t1 == mlsdbreadtoclr ) and ( h1 dom l2 )) or\n" - " \t ( t1 == mlsdbread ) or\n" - "@@ -741,7 +747,7 @@\n" - " \t ( t1 == mlsdbwrite ) or\n" - " \t ( t2 == mlstrustedobject ));\n" - " \n" - "-mlsconstrain { db_table } { create drop setattr relabelfrom update insert delete lock }\n" - "+mlsconstrain { db_table } { create drop setattr relabelfrom update insert delete }\n" - " \t(( l1 eq l2 ) or\n" - " \t (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or\n" - " \t (( t2 == mlsdbwriteinrange ) and ( l1 dom l2 ) and ( h1 domby h2 )) or\n" - "@@ -755,13 +761,20 @@\n" - " \t ( t1 == mlsdbwrite ) or\n" - " \t ( t2 == mlstrustedobject ));\n" - " \n" - "-mlsconstrain { 
db_blob } { create drop setattr relabelfrom write import export }\n"
- "+mlsconstrain { db_procedure } { create drop setattr relabelfrom }\n"
- " \t(( l1 eq l2 ) or\n"
- " \t (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or\n"
- " \t (( t2 == mlsdbwriteinrange ) and ( l1 dom l2 ) and ( h1 domby h2 )) or\n"
- " \t ( t1 == mlsdbwrite ) or\n"
- " \t ( t2 == mlstrustedobject ));\n"
- " \n"
- "+mlsconstrain { db_blob } { create drop setattr relabelfrom write import }\n"
- "+\t(( l1 eq l2 ) or\n"
- "+\t (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or\n"
- "+\t (( t2 == mlsdbwriteinrange ) and ( l1 dom l2 ) and ( h1 domby h2 )) or\n"
- "+\t ( t1 == mlsdbwrite ) or\n"
- "+\t ( t2 == mlstrustedobject ));\n"
- "+\n"
- " mlsconstrain { db_tuple } { relabelfrom update insert delete }\n"
- " \t(( l1 eq l2 ) or\n"
- " \t (( t1 == mlsdbwritetoclr ) and ( h1 dom l2 ) and ( l1 domby l2 )) or"
+ "KaiGai Kohei <kaigai@ak.jp.nec.com>\n"
+ "-------------- next part --------------\n"
+ "A non-text attachment was scrubbed...\n"
+ "Name: refpolicy-sepgsql-rework.3.patch\n"
+ "Type: text/x-patch\n"
+ "Size: 14309 bytes\n"
+ "Desc: not available\n"
+ Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20090406/e8464137/attachment.bin
-3e5a6020679c65c2d2e4ce10528549a1de9b9368fd4196d42bb06e9fa4ed41d5
+ae85a4c290f261029534482b352d791647aaa7376d825e96956f62053e14f330