From: mgrepl@redhat.com (Miroslav Grepl)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] kdbus support
Date: Wed, 5 Aug 2015 14:19:43 +0200 [thread overview]
Message-ID: <55C1FF5F.3050006@redhat.com> (raw)
In-Reply-To: <CAHC9VhQNLy02YCbGRjqpO_MKG_4F2Z6Q9i6sQ1Ujuwzdk1cTHQ@mail.gmail.com>
On 08/03/2015 09:28 PM, Paul Moore wrote:
> On Mon, Aug 3, 2015 at 11:55 AM, Stephen Smalley <sds@tycho.nsa.gov> wrote:
>> On 08/03/2015 11:52 AM, Daniel J Walsh wrote:
>>> I am sure the developers would argue that the whole process would ground
>>> to a halt.
>>
>> Seems problematic otherwise, as 1) it shifts the blame for breakage to
>> SELinux rather than to the offending change, and 2) it teaches
>> developers and users of rawhide to just always disable SELinux to avoid
>> such breakage, which only further reinforces the problem. And then
>> fixing such issues falls entirely on you and never on the developer who
>> made the change. Certainly seems problematic that the maintainer of a
>> such a critical package as systemd runs with SELinux disabled...
>
> I completely agree with Stephen.
>
> Adding kdbus without the necessary LSM/SELinux support it a security
> regression, it's really that simple. While I agree that the systemd
> developers seem to be a bit more responsive to SELinux faults than
> most developers, there is absolutely no reason why they shouldn't have
> done more to ensure the proper LSM/SELinux support. At the very
> least, some emails about the kdbus development plans and timing would
> have helped greatly.
>
> As things stand there is almost surely going to be a gap where kdbus
> is upstream but it is missing the necessary LSM/SELinux hooks. That
> is a very bad thing in my opinion, made worse by the fact that is so
> easily could have been avoided with better communication by the kdbus
> developers.
>
I like to see this discussion here. Basically as Dan wrote it was about
to avoid unlabeled_t and have rawhide working somehow because it is
always important to catch most of issues in this phase. I will create a
tracker bug and collect all issues. And this is more easier with
kdbusfs_t labeling against unlabeled_t.
And of course, this is not something what we will keep in regular Fedora
releases.
--
Miroslav Grepl
Senior Software Engineer, SELinux Solutions
Red Hat, Inc.
next prev parent reply other threads:[~2015-08-05 12:19 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-03 12:31 [refpolicy] kdbus support Miroslav Grepl
2015-08-03 13:27 ` Stephen Smalley
2015-08-03 13:34 ` Miroslav Grepl
2015-08-03 14:33 ` Daniel J Walsh
2015-08-03 15:40 ` Stephen Smalley
2015-08-03 15:52 ` Daniel J Walsh
2015-08-03 15:55 ` Stephen Smalley
2015-08-03 18:21 ` Dominick Grift
2015-08-03 18:30 ` Dominick Grift
2015-08-03 18:41 ` Daniel J Walsh
2015-08-03 18:54 ` Dominick Grift
2015-08-27 15:46 ` Dominick Grift
2015-08-03 19:28 ` Paul Moore
2015-08-05 12:19 ` Miroslav Grepl [this message]
2015-08-27 15:06 ` Dominick Grift
2015-08-03 18:19 ` Dominick Grift
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55C1FF5F.3050006@redhat.com \
--to=mgrepl@redhat.com \
--cc=refpolicy@oss.tresys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.