Progress! .532 boots! -- but dbus/hotplug/udev problems remain?

Stephen Smalley sds at epoch.ncsc.mil
Wed Sep 1 11:33:24 UTC 2004


On Wed, 2004-09-01 at 02:37, Russell Coker wrote:
> One thing to remember is that any time you see user_t in policy it's a local 
> customisation or a bug.
> 
> In this case it seems to me that one correct way of writing policy for this is 
> the following:
> allow { dbus_client_domain userdomain } etc_dbusd_t:dir { search };
> allow { dbus_client_domain userdomain } etc_dbusd_t:file { getattr read };
> allow { dbus_client_domain userdomain } user_t:netlink_selinux_socket { bind 
> create };
> 
> But then we are granting almost every domain that has any significance in the 
> security of the system read access.  So why not just label the files as etc_t 
> and remove the etc_dbusd_t type entirely?

These permissions shouldn't be granted directly to the user domains.  We
need per-userdomain dbusd domains defined via a macro for the
per-session message bus.  

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency




More information about the fedora-selinux-list mailing list